What the Tech: How to tell if your email address, passwords have been exposed
By Jamie Tucker – Consumer Technology Reporter
WHAT THE TECH (WAKA) – A major data breach involving the education platform Canvas has parents, teachers and
students concerned after hackers reportedly stole names, addresses, student IDs and other personal information.
The hacker group known as ShinyHunters is believed to be behind the attack.
But cybersecurity experts say the bigger story may not be the breach itself. It is what happens after your information is exposed.
And there is a good chance your information is already out there.
Check Whether Your Email Has Been Exposed
One of the easiest ways to find out is through Have I Been Pwned, a free website created by cybersecurity expert Troy Hunt. Enter your email address and the site will show whether it has appeared in known data breaches.
Many people are shocked to discover their email addresses were exposed years ago and they never knew it.
An exposed email address may not sound dangerous, but criminals use leaked email accountsfor phishing attacks, scam calls, fake password reset attempts, and targeted fraud.
Password Reuse Is the Real Danger
The more serious leaks involve passwords. Have I Been Pwned also allows users to check whether passwords have appeared in previous breaches. During our test, an old password that is no longer in use appeared in 266 known leaks.
That is why cybersecurity experts strongly recommend never reusing passwords across multiple accounts.
If the same password unlocks your email, social media accounts, shopping websites, and banking apps, hackers will try all of them. Automated systems can test stolen passwords against hundreds of websites in minutes. One leaked password can quickly become access to your entire digital life.
What You Should Do Right Now
If your email appears in a breach database, experts recommend:
• Change passwords on important accounts immediately
• Never reuse passwords across websites
• Use a password manager to create unique passwords
• Turn on two factor authentication whenever possible
• Watch for suspicious emails or password reset requests
The reality is that data breaches are no longer rare events. The question is not whether your email address has been exposed. It is how many times.
