erek
[H]F Junkie
- Joined
- Dec 19, 2005
- Messages
- 10,893
"As a consumer, there is unfortunately little you can do about companies losing control of your data once they have it. Instead, you should focus on minimizing how much of your data companies have in the first place— for example, no one company should have a password that can be used with your name or email address to log in to an account at another company. You might also strongly consider whether you really need to create new, cloud-based accounts containing personally identifiable information in the first place.
Finally, be aware of how phishing and social engineering attacks work and how to guard against them. Avoid clicking links in email, particularly links that demand that you log in. Be aware of where those links go—most email clients, whether programs or Web-based, will allow you to see where a URL goes by hovering over it without clicking. Similarly, keep an eye on the address bar in your browser—a login page to MyFictitiousBank, however legitimate-seeming, is bad news if the URL in the address bar is DougsDogWashing.biz."
https://arstechnica.com/information...ta-leaked-due-to-misconfigured-elasticsearch/
Finally, be aware of how phishing and social engineering attacks work and how to guard against them. Avoid clicking links in email, particularly links that demand that you log in. Be aware of where those links go—most email clients, whether programs or Web-based, will allow you to see where a URL goes by hovering over it without clicking. Similarly, keep an eye on the address bar in your browser—a login page to MyFictitiousBank, however legitimate-seeming, is bad news if the URL in the address bar is DougsDogWashing.biz."
https://arstechnica.com/information...ta-leaked-due-to-misconfigured-elasticsearch/