Over the weekend I got an email from have i been pwned, a website that tracks data breaches and notifies users whose information may have been compromised. The notification I received reported that my email may have been among some 4.9 million accounts whose information was compromised sometime in December of 2015. The email from HIBP indicated that the owner of the breached database has already reached out to those affected. Since I didn’t receive such notification, and because the nature of the data compromised (names, emails, and salted passwords) was relatively low-risk, I’m not getting too worked up about it.
However, this notification was a good reminder about the digital trail each of us leave.
The Trails We Leave
In reviewing the information about this data breach, I discovered that it happened to a collection of websites that focus mostly on technical forums. It took me a while to figure out which of those sites I had registered on, and after checking each one I discovered an old account on a web development website. I didn’t even remember that I had an account on this site; after all, it’s been more years than I care to count since I last did any web development work.
After resetting my password on this account, I reviewed my history, and the last account activity I could find dates back to 2003. Yes, 2003 – back before Twitter or Facebook had even been created, before any of my kids were born, and before Napoleon Dynamite danced his way into movie history. People were still buying Compaq computers (remember the iPaq?), George W. Bush was still in his first term as President, and Friends was still on TV. The point is that 2003 was a lifetime ago, and yet the digital trail for a resource I hadn’t used in over a dozen years found its way to my inbox on a Saturday morning in 2016. Remember, the internet never forgets.
So what do you do with this? Very simply, be cautious of the trail you leave:
- Don’t reuse passwords. Ever.
- Keep track of the places where you have a login account by using a password manager application. There are many of these available, some of them even free.
- When registering for any type of online account, provide only the information needed for the interaction with that account. For example, registering on a technical forum shouldn’t require you provide a home address or phone number (even though the site may prompt you for that information).
- Do not register on or log in to a website that does not use a secure registration and login connection.
- Don’t be stupid on social media.
The digital trail a person leaves isn’t just a part of his life; it’s a historical record of it. It’s not just about reputation or how many followers one has. Our entire lives – professional, personal, medical, educational – are represented as much in the digital world as they are in the physical. Time doesn’t necessarily degrade that digital trail, so manage it wisely.
Always be aware of the trail you’re leaving, and be sure to do it as smartly as possible.