Many of us are said to have data breach fatigue, which means that due to so many massive data breaches occurring in recent years, such as the Equifax data breach of 2017 in which 145 million people had personal information stolen, we have become numbed and fail to appreciate how serious these data breaches are. This would be a mistake because the personal information often stolen in data breaches can lead to identity theft in various forms, including having your bank accounts hacked and stolen. Recently, Troy Hunt, a security researcher who started the website, where you can go and find out if your personal information was compromised in various data breaches, disclosed perhaps the biggest collection of stolen email addresses and passwords yet. Hunt found 773 million email addresses and 21 million passwords being sold on the Dark Web, that part of the Internet where criminals buy and sell stolen items. Making matters even worse, security reporter Brian Krebs is saying that this collection of stolen personal information is just the first batch of many millions more to come.

One of the biggest lessons from the myriad of data breaches is to make sure that you use a unique password for every online account that you have. This avoids having a sensitive account, such as your online banking account, compromised because you use the same password as you do for another, relatively meaningless account whose poor security led to a data breach.
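To see which of your own accounts share a password, here is a short audit script, added as an example and not part of the original post. The account names, passwords and the "sensitive" flag are constructed sample data; in practice the list would come from an export of your own saved logins.

```python
import hashlib
import hmac
import secrets
from collections import defaultdict

# Constructed sample export: (account, password, sensitive?). Not real credentials.
SAMPLE_ACCOUNTS = [
    ("bank.example", "Tr0ub4dor&3", True),
    ("forum.example", "Tr0ub4dor&3", False),
    ("shop.example", "correct-horse-battery", False),
    ("news.example", "correct-horse-battery", False),
    ("mail.example", "q7!Vd2#mLx9", True),
]


def find_reused_passwords(accounts):
    """Return groups of accounts that share one password.

    Passwords are compared through an HMAC keyed with a per-run random key,
    so the result holds account names only, never the passwords themselves.
    Groups that include a sensitive account are listed first.
    """
    key = secrets.token_bytes(32)
    groups = defaultdict(list)
    for name, password, sensitive in accounts:
        tag = hmac.new(key, password.encode("utf-8"), hashlib.sha256).digest()
        groups[tag].append((name, sensitive))

    reused = []
    for members in groups.values():
        if len(members) < 2:
            continue  # unique password, nothing to report
        names = sorted(n for n, _ in members)
        at_risk = sorted(n for n, s in members if s)
        reused.append({"accounts": names, "sensitive_at_risk": at_risk})

    # Groups exposing a sensitive account should be fixed first.
    reused.sort(key=lambda g: (not g["sensitive_at_risk"], g["accounts"]))
    return reused


if __name__ == "__main__":
    for group in find_reused_passwords(SAMPLE_ACCOUNTS):
        print(group)
```

In the sample data the bank login is reported first because it shares a password with a forum account, which is exactly the situation described above.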


Creating and remembering strong, unique passwords for each of your accounts is not as difficult as it may appear. You can start with a strong base password constructed from a phrase, such as IDon’tLikePasswords. Add a few symbols like !!! and then adapt it for each account you have so that you will have a secure and easy-to-remember password for each of your online accounts. Thus, your Amazon password could be IDon’tLikePasswords!!!AMA.

Whenever possible, use dual-factor authentication for your accounts so that when you attempt to log in, a one-time code will be sent to your cell phone, which you must enter in order to get access to your account. For convenience's sake, you can set up dual-factor authentication so that it is only required if you are logging in from a different computer or device than you normally use.

Also, with your email address commonly known by many scammers, you can expect to receive more and more phishing emails, as well as more dangerous, specifically targeted spear phishing emails, that attempt to lure you into clicking on links containing malware or try to convince you to provide personal information that can be used to make you a victim of identity theft. Never click on links or provide personal information in response to an email or text message unless you are absolutely sure that the email or text message is legitimate.
