Online and Offline Leaked DataUpdated: November 02, 2019
This world is made of data; not just online data, but also offline data. Both can be leaked and you should know what to do in that situation.
And don't think that only big companies can leak data; small companies and even individuals are exposed to this situation.
Basically, the main (if not only) way people know you exist is because you are "noted" in official documents. When you're born, you get a birth certificate, but only (at least in some countries) if the parents declare you. It's kind of against the law not to declare your child, but there are countries where people from the low income society do this sometimes. If you are not declared at birth, then it would be impossible for you to go to school, go to the doctor, get a job and...basically succeed in life.
Your identity is really important, and every part of your offline data should be kept with care: identity card, passport, driving license, credit cards and all of the rest. Of course , this type of data can be leaked easily, but it can be stolen entirely much more harder than online data. Stealing this type of documents in order to impersonate someone is a fraud, and there aren't that many cases. Still, we'll discuss a bit later about what can happen to your offline data.
Your online data consists not only of your social media profile, but also from your whole activity on the Internet. This includes navigation history, passwords, and everything that you saved online (credit card information, for example).
As the online world lets us "travel" much faster, we are at that moment when we don't even know how many accounts we have, what email addresses did we use to create them, and so on. By comparison, you can't use your offline data that often.
Your whole package of online data that you leave behind every single day it's called digital footprint. There are quite a few aspects to discuss when it comes to this subject, but I'll only summarise. The digital footprint is the trail you leave behind when using the Internet; that means browser history, location, activity on various websites, personal information provided. The digital footprint is there to ease up your online life: you don\t have to log in to every website that you're using, the passwords are saved either in a browser, either in a password manager, and you can get personalised ads based on your activity.
There are two types of online data that create the digital footprint. One is passive (which consists of the data you can't really see - IP address, cookies, device you're using and so on), the other is active (which consists of the data you know you are leaving behind - tweets, photos, blogs, emails and so on).
The whole article about digital footprint, where you can learn about why should you care about it and how to manage it is down below.
Many don't care about this digital footprint, as they don't think it's that important. But the amount of data you leave behind can really say something about you, and can cause you some issues. You might become the random victim of a hacker that will try to steal the data, and sometimes even ask for a ransom.
The best way to stay protected is to be responsible and aware of all the things that can happen to you (online or offline). I talked about this a lot, as I truly believe the first step into not falling as a hacker's victim is to have a responsible online behaviour. And it can also be applied in the real life, the offline life.
Let's say you're in a totally new country; you came up with the idea of going karting, and the owner of the place asks you for your passport to make a copy. This can be highly suspicious and it should raise a red flag. Why would someone need a copy of your passport just to go karting? I don't think there is one... Yes, the owner can ask for your ID, to check your age, but that is all. You shouldn't let him to take your passport behind his counter or back in the room. Even if it's a super nice place that doesn't scream "fake business", you should refuse this kind of manoeuvre.
And this situation can happen in some many examples. The idea is to never let your ID be copied for whatever reason.
The only ones that might need a copy of your ID or passport are the hotels. Still, even at these, if you happen to arrive to a shady hotel or hostel, then you should reconsider if you want your data left there. It doesn't necessarily mean that they would use your data for something else, but they might lack the organisation skills - the bills and the ID copies might not be kept in a proper, secured way, so that one could come and browse the piles of documents and steal whatever.
Regarding online data, it's a bit more difficult to not give your name or address online - you are shopping online, you are using social media accounts, you are using medical websites etc. Nonetheless, don't give your data to whatever website, and most of all, don't give away sensitive data (as your identification number, for example). You should be aware of the fact that there are only a few websites that need more details about you (for example, your medical account or your bank); otherwise, if you're shopping and the website asks you to upload a picture of your ID, then you should think twice before doing it; actually, don't do it at all, as you'll probably be happier and safer with your money still in your pocket, and your data not stolen.
Also about online data - there is the phishing scam, where you might click on a link that sends you to a webpage that's extremely similar to the one from your bank. First of all, don't click any links that seem even a tiny bit suspicious. If your bank actually wants you to do something, they will call you eventually. Second of all, if you clicked on the link (or on the ad) try to look for anything that seems off: for example, the website is not secured (it doesn't have the "https") and you know it had, some colors are different, some page arrangements seem dubious and so on. If there is anything that makes you wonder, then get out of the website and move on. As I said, if the bank needs anything, you'll be reached by them.
And the above example doesn't apply only to banks. It can be applied to various types of websites, and the best things that you can do are to:
- simply don't click any link that you receive through email from a new sender;
- don't click on any ads that appear randomly on websites. This is also how you can infect your computer with malware. In case you see something that you're really curious about, it's better to do a search on Google and see what it returns.
As most of the time offline and online data can be intertwined, there's another situation that you should be aware of: don't post pictures on social media (or any other website) of any of your personal data: passport, ID, driving license, credit card and so on. In case you loose one of them, the best decision is to just ask if someone has found a document with your name; in most cases, the name is sufficient. But we'll talk a bit later about what to do in various cases.
As you might be online for quite a while now, you might have a big number of accounts - some created with your Facebook account, some with your email (one that you're not using anymore or a current one). Why should you let that data and those account be active if you don't use them?! It's your data and you should protect it, and be organised and responsible.
Sure, it can be time-consuming to start remembering all the accounts you've created so far - so if you know a legit website that can help you with this, please let us know. Until then, there are a few ways to search for them:
- in case you're using the browser's password manager, than you can go to Setting/Password (it depends on the browser) and you can scroll through all the websites you've saved. Then make a list and start checking the websites you forgot about. Some might have already erased your account due to inactivity, but some might not. In case you know that you won't be using that website anymore, delete your account. This method kind of goes for either email based accounts or social media based accounts.
- if you don't delete your emails, then you can check each address that you know you've had. Check for newsletters, promotions, and even hit a search with "new account". You might find quite a lot of website to which you're subscribed to, and even have an account. Again, make a list or create a folder right in the email account; then you can take them one by one.
- in case you've used a social media account to create other accounts, then you should head over to Settings and search for Apps and Websites permissions. On Facebook you'll see a list with three categories (active, expired, removed). This is in 2019. Some years back it was just one list, and you had to scroll and scroll through all the websites and apps you've allowed to read your Facebook data. Now it's much more easier to check them, and you can also multiple select and remove them at once.
Also, if you remember those years of Facebook (2009-2011) when there were a bunch of apps with quizes and all. In case you forgot about them, now you can easily find them in the Expired category, where Facebook says that they might still have access to your data, bu they cna't make any additional new request. With multiple select, you can easily pick all of them and remove them once and for all. Keep in mind, though, that some websites might still have your data and you'd have to manually and direct contact them. Either way, each app/website has a View and Edit section where you can see exactly what data it has access to. The same procedure can be applied on Twitter or whatever other social media account you have.
Read the terms and conditions and the Permissions
I know almost nobody does this, but read the terms and conditions at least on some websites that are new to you. Most of them are required by law to specify a lot of things that can scare you, but they do this just to keep themselves safe from any possible situation ever. Still, if something doesn't quite look good to you, then you are free to not use that website.
Regarding the permissions, these can be more intrusive. Read them carefully whenever you create an account with a social media account or whenever you install a new app. After all, it's you data in various forms and it's your own right to protect it.
Prevention is the key, but there are situations when you just have bad luck. In case your data is leaked or stolen, here are a number of situations that will help you.
There are many types of online data that can be leaked or stolen: passwords, website accounts, email addresses, but also your date of birth and other "more offline data". In case you suspect some unusual activity regarding your online activity, immediately change your password. Try to use a strong password - in case you use a password manager, you can generate one right there.
If you know that a hacked account was used for other accounts, then go and change your passwords to those accounts, too.
In case you used the same password as the hacked account in multiple places, then change it in all of them. Make sure to use different passwords for each account you have. A password manager will be helpful in this situation, as you won't have to remember all of the passwords. Just be sure to keep the password manager super secured.
This can be both an online and an offline situation. In the online world, you might've used your account on a website which saved the data and used it for other purposes. In the offline world, your credit card details can be duplicated in the ATM machine, can be stolen with a RFID scanner or simply copied by someone.
In each of these cases, the first thing you should do is to call your bank and ask for more details about the suspicious payments you've seen, then ask for the bank to block your card.
Keep in mind that it's a good idea to have SMS notifications whenever you make a payment, and to also have a smartphone app created by the bank. In this way, you'll quickly see any change in your bank account and you'll have more control. The app is locked and only you can unlock it (with Touch ID or with a code). Of course, keep you phone extra safe and don't loose it - but this is another discussion.
Maybe you lost your identity card, and now someone who doesn't know how things work, posted a photo of it on social media; to help you, but...that can not be the case. If there is someone that really wants to harm you, it can use your data in various situations that don't require the face-to-face meeting.
There's also the case when your passport or your identity card gets stolen.
In any of the cases (or in any similar case), the first thing you should do is to report the missing document. In this way, you'll at least alert the police or the institution that release your document, and they will issue a report, making your lost document harder to use. Most of the time, the new document that you'll receive can be done in a matter of urgency. Either way, proving your identity before anyone else it's a priority.
Also, the next thing you should do is to call the bank, and announce them about the situation. They will ask you a few questions to prove that it's you. You can also go in person.
It's a bit harder when you travel, as if you loose your documents in a different country, you'd better have some insurance regarding this. You can then go to the Embassy to let them know about the problem.
Still, my advice for traveling (or even at home), is to always carry a copy of your documents with you, in another place than your original. If the law lets you, you can carry just the copy of the document. You can do this especially if you're travelling, as you'll minimize the harm done. In case a policeman ask you about the documents, you can simply explain him that you prefer to leave the originals at home, so that you won't loose them; you can show them at any time. Make sure to have a clear, colour copy of the document, so that your face is visible.