Get ready for another data breach of mind-blowing proportions.
A look at the damage done
A Russian criminal ring reportedly has stolen more than 1.2 billion usernames and passwords from around the web, according to a report in The New York Times.
The firm that discovered the massive breach has not revealed the names of websites impacted because of non-disclosure agreements with many of them who are clients.
The one thing we do know about the estimated 420,000 compromised sites is that they range from “Fortune 500 companies to very small websites.”
In addition, the hacked info was also collected from some 500 million emails.
2 actions you should take right now
1. Do a credit freeze. You'll pay zero to $10 per bureau, depending on your state. This will shut a criminal down cold when they try to apply for new lines of credit in your name. You can find my credit freeze guide here; it will walk you through the easy process.
2. Change your passwords on your email, social media, and financial sites. Using the same password on multiple sites is very, very dangerous; this latest incident highlights that more than ever.
What you need is a password that's both easy to remember and highly customizable for every different website you visit. Here's one possibility: When you go to a website, you use the password you normally use, but have some system in place like appending the first two letters of the site's name to your password. So if your password is 'bluesky,' you would use 'blueskyza' at Zappos or 'blueskyam' at Amazon.
You may also want to consider software programs (such as Dashlane , Lastpass, PasswordBox and others) to manage your passwords. Several of these are free to use, operating under the “freemium” model.
Breaches of all kinds are becoming a daily fact of life. Unless you plan to boycott the Internet and never pay for anything other than in cash, you'll likely be exposed to multiple breaches over your lifetime. The best you can do is educate yourself, take the necessary precautions, and get on with your life.