A man in a mask stands watching as someone uses their mobile phone

Prostock-studio/Shutterstock rangizzz/Shutterstock (Licensed) Cole Mitchell

The definitive guide to protecting your private information online

How to keep your info secure in the data breach era.

 

Mikael Thalen

Tech

Published Aug 26, 2021   Updated Aug 30, 2021, 12:25 pm CDT

With so much of our lives now conducted online, it can feel overwhelming trying to remember all the services that have access to your information. Whether your email address or credit card number, it seems nearly all of our personal data has made its way online, whether we realize it or not.

Data breaches have become a common occurrence. It’s no longer shocking to see headlines detailing the exposure of billions of people’s private information. 

Chances are, some of your personal information has been part of a data breach, which means trying to limit that exposure isn’t a farfetched idea—it’s something you should be actively trying to fix. 

Although data breaches are an inevitable and unfortunate reality, steps can be taken to limit the fallout.

While you’re here, you may also be wondering about antivirus software—since protecting your personal data should start with protecting your actual devices themselves, whether it’s a laptop, desktop, smartphone, or tablet.

Luckily, many devices now come with antivirus capabilities built-in or pre-installed. The upside to antivirus software is that it can thoroughly monitor and scan your devices to look for viruses and malware. 

But the downside is that antivirus software, more so than most other tools, is granted widespread access to all your files. This is why it’s important to use trustworthy antivirus tools.

Of the numerous great products, the Daily Dot recommends Malwarebytes

The free version of Malwarebytes will let you detect and remove a host of threats from your computer. For those looking for added features, such as active monitoring, Malwarebytes offers a premium service for $39.99 per year. 

But remember: Most antivirus tools—including the free version of Malwarebytes—require you to run the scan manually. Some tools may let you schedule regular scans as well. Available for Windows, iOS, Chrome OS, and Android, Malwarebytes will add an additional layer of security for your personal data.

Now that you have a way to protect your device, let’s take a look at how to protect the personal data you have online. 

EASY: How to better protect your personal data

As the Daily Dot has covered in previous guides, utilizing password managers, using unique and strong passwords on every online service, and enabling Two-Factor Authentication (2FA) are the single-most important steps you can take to secure your online accounts.

But what else can you do? 

Luckily, there are free services that can alert you when one of your accounts has shown up in a data breach. 

We’ll show you how to sign up for these alerts so you can monitor your accounts with ease and change your passwords if an account is compromised.

‘Have I Been Pwned’

Have I Been Pwned (HIBP) is a free service that lets users check a massive collection of data breaches to determine whether their information may have been exposed. “Pwned” is a term, generally used in gaming, to describe being defeated in an epic manner. 

HIBP currently hosts information on a staggering 10,636,448,269 stolen user accounts linked to some of the biggest data breaches and pastes ever discovered. “Pastes” refer to large lists of login credentials that hackers post on sites such as Pastebin.

Just recently, HIBP added a way to check if you were a part of the massive Facebook data breach. 

Step 1: How to search ‘Have I Been Pwned’

Utilizing HIBP is as simple as putting your email address into the site’s search bar. Use multiple emails? Make sure to search for every one.

If your email isn’t present in any of the breaches listed by HIBP, you’ll receive a response that states “Good news — no pwnage found!” 

But, if your email has shown up in a listed breach (which let’s face it, is probably more likely nowadays) you’ll instead receive a response that states “Oh no — pwned!” 

HIBP will also tell you the number of breaches or pastes your emails have appeared in and list them each out.

If HIBP notes that one of the breaches listed included passwords, make sure to take action

Even if the breaches mentioned are years old or from services you haven’t used in a long time, such leaks can still pose a security issue

Given that everyone at one point or another has reused passwords, one of those breaches could include login credentials that may allow hackers to obtain access to your other accounts online. This is why it is important to use a password manager and to create unique and strong passwords for every service you use.

Step 2: How to sign up for ‘Have I Been Pwned’ alerts

Now that you’ve checked whether any of your email addresses were included in the breaches hosted by HIBP, it’s time to sign up for alerts so that you can be notified if it happens again in the future.

To do so, first click the Notify me link at the top of the HIBP website. Next, enter your email address and complete the captcha. Remember to do this for every email you wish to receive alerts for. 

HIBP will send a verification email to all the accounts you entered. Make sure to log in to each email and click the Verify my email link. If one of your accounts appears in a breach in the future, you will receive an email alert.

Getting an alert will allow you take action quickly by immediately changing passwords, which can curb any potentially compromised accounts. 

Step 3: How to search ‘Pwned Passwords’

HIBP also offers a service to let you know whether a specific password has shown up in a data breach. To protect online users’ safety, HIBP does not link any password to any email or any specific breach. Still, it can be a useful tool to determine whether a password you use is among the more than 613,584,246 breached passwords hosted by HIBP.

To use the service, select the Passwords link at the top of the HIBP website. Next, enter a password into the search box provided. HIBP, which is a reputable, trusted, and well-known website, will not keep any password you enter.

If the password you enter has not appeared in a data breach hosted by HIBP, a notice will state Good news – no pwnage found! If the password you enter has appeared in a data breach hosted by HIBP, a notice will instead state Oh no – pwned! 

HIBP will also tell you how many times that specific password has shown up in breaches. If a password you enter has been compromised, make sure to immediately change it on whatever service you use it for. 

Before You Go:

HIBP is a great service for adding another layer of security to your online life. While it has its limitations, it remains quick, easy, and free to use. 

Here are some frequently asked questions you may be thinking about as you work to further secure your personal data.

  • If none of my emails are listed by HIBP, does that mean I’ve never been in a data breach?

HIBP only lists emails and passwords from data breaches it has been able to acquire. If your email doesn’t show up, that doesn’t necessarily mean that your data has never been compromised. Countless data breaches go undetected for years and sometimes are never discovered at all. 

  • What if I don’t want my email to be searchable on HIBP?

For those who would rather not have their email be linked to any breaches, HIBP does offer an opt-out feature. Simply enter your email address and click the link in the verification email HIBP sends.

  • Are there any other services like HIBP?

Other services similar to HIBP include BreachAlarm and Dehashed. Although both are free, Dehashed requires you to set up an account to use it. Users can, however, look up their emails and other information such as phone numbers to see if they have appeared in any data breaches.

If you’re ready to learn even more ways you can secure your personal data online, make sure to check out the Daily Dot’s next guide on how to actually remove some of your personal data from the internet.

___

MEDIUM: How to remove your personal data from the internet

When it comes to protecting your personal information online, one often-overlooked issue is the countless services that collect and sell your most private data without your knowledge. 

With just a simple search online, nearly anyone can find another person’s home address and phone number thanks to the proliferation of data brokers.

Data brokers collect and sell information that can include everything from your online shopping habits to your search history. Sites that allow you to look up people by their name often acquire this data. That information can be used by everyone from private investigators to predators looking to harass and stalk users online and in the real-world.

Yael Grauer, an investigative tech reporter with Consumer Reports who specializes in such topics, explains just how much data can be found through such services online.

“People search sites comb through public records, commercial sources, and social media to compile a dizzying amount of information about people without their knowledge, let alone consent,” Grauer says. “This can include your contact information, including your home address.”

But there’s some good news: You can take steps to try and get your personal information off these sites. 

How to opt-out from data broker sites

Luckily, many data brokers offer users the ability to request that their data be removed. While the task can be very time-consuming, it costs nothing and can increase your security and privacy online. 

PROS

  • Opting-out is free
  • Straightforward process
  • Enhances privacy

CONS

  • Time-consuming
  • Data can reappear
  • Doesn’t affect new data brokers

The Daily Dot will walk you through the manual opt-out process for three large data brokers that may be hosting data including your name, address, and phone number. 

Once contacted, the data brokers should have your information removed within a few days.

Removing your data from Spokeo

Spokeo is a prominent data broker with access to billions of records, including property records, court records, and business records. In order to have your data removed, you’ll first want to find your file. 

Step 1: Locate your file

To do so, simply head over to spokeo.com and enter your name into the search bar.

Step 2: Request opt-out

Once located, copy the URL for your profile and head over to spokeo.com/optout. From there, paste the URL into the box provided, enter your email, and complete the captcha.

Step 3: Verification

Next, check your email and click on the verification link sent by Spokeo. You should be redirected to a message from Spokeo confirming the opt-out process has begun. On average, Spoke takes around three to four days to complete such requests. 

Removing your data from Whitepages

Step 1: Locate your file

First, head over to whitepages.com and enter your name and city in the search bar. After finding your file, click on the View Details button.

Step 2: Request opt-out

Next, copy the URL for your file and head over to whitepages.com/supression_requests

From there, paste the URL into the box provided and click on the Opt-out button. You will be asked to confirm that you do in fact want the file removed by pressing the Remove me button. Whitepages will ask you to provide a reason for why you are opting-out. After providing an answer, simply click the Submit button.

Step 3: Verification

Whitepages will ask you to provide a phone number in order to verify your identity. After entering your number, check the box to confirm your opt-out and select Call now to verify. You will then receive a call including a 4-digit verification code.

Enter that code into your phone when you receive the robocall from Whitepages. Your file on Whitepages should be removed within 24 hours.

Removing your data from BeenVerified

BeenVerified is yet another data broker with access to a wide-array of records on millions of Americans. To have your data removed, you’ll first need to locate your file. 

Step 1: Locate your file

To begin the opt-out process, enter your first and last name in the boxes provided at beenverified.com/f/optout/search

Next, locate and click on the arrow on your file.

Step 2: Request opt-out

When prompted, enter your email and complete the captcha. Next, select the Send Verification Email button in order to submit your opt-out request.

Step 3: Verification

BeenVerified will send you an email to verify your request. 

After Clicking the Verify Opt-Out button at the bottom of the email, you will be redirected to the BeenVerified website and informed that your request was confirmed. Your records should be removed within 24 hours.

That’s it! You’ve now requested to have your data removed from three of the biggest data brokers online. 

Before You Go:

Manually requesting to have your data removed by major data brokers is a great first step in taking back some of your privacy online. 

Here are some frequently asked questions you may be thinking about as you work to further secure your personal data.

  • What if none of my data is listed on these sites?

If you cannot locate your file on one of the sites mentioned it does not indicate that your personal information is safe from data brokers. It could just mean that your file includes error, such as misspellings, or that your data is being hosted on other sites.

  • Is my data gone for good when I opt-out?

Unfortunately, no. Your data can reappear on the very sites you opted-out of. So you should regularly keep an eye out for your information popping back up. 

  • Are there other sites hosting my information?

Yes. If you’d like to manually opt-out of other sites as well, the journalist Yael Grauer currently hosts an extensive list of links to opt-out pages on people search sites.

Manually requesting to have your personal data scrubbed from people search sites may be free, but it is also time-consuming and often temporary in its success. 

In the next guide, the Daily Dot will introduce you to a paid service that can continually remove the data for you.

HARD: Services to remove your personal data

As we discussed in the previous guide, one way to better protect your personal information online is to opt-out of people search sites. These sites purchase information on millions of Americans from data brokers, allowing just about anyone to find everything from your home address to court records with just a few clicks. 

But manually requesting to have your data removed from such sites has numerous downsides

Aside from being time-consuming, your data can often reappear on the same sites weeks after you opted-out. And with dozens of sites offering up your information, having your data removed from the biggest sites may not stop a determined individual from finding it elsewhere.

Luckily, services exist to do all this work for you

But these services aren’t free, so you are paying for convenience. For an annual fee, a company will not only request to have your data taken offline, but will continually monitor these sites to make sure your data doesn’t return.

In this guide, the Daily Dot will walk you through using DeleteMe to handle the heavy lifting of removing personal information from websites online. 

How to use DeleteMe to remove your personal information from the internet

DeleteMe is a paid service that will remove your data from 41 different websites. Boasting more than 20 million personal listing removals, DeleteMe is the best choice for those willing or able to financially invest in improving their privacy.

PROS

  • Thorough
  • Easy to use
  • Enhances privacy

CONS

  • Annual fee
  • Can’t remove all data
  • Only available for U.S. residents

The Daily Dot will walk you through the signup process for DeleteMe, explain its different subscription tiers, and show in detail how the service works.

Signing up for DeleteMe

Now that you’ve decided to sign up for DeleteMe, head over to joindeleteme.com so you can choose the subscription plan that works best for you.

Step 1: Choose a subscription plan

After clicking the Join Now button at the top of DeleteMe’s website, you’ll be presented with three subscription plans. Examine the options below to determine which plan you prefer.

  • Standard Protection: $129 per year for 1 person.
  • Most Popular: $229 per year for 2 people.
  • Best Value: $349 for 2 years for 2 people.

Now that you’ve selected a plan, click on the Start Protection button.

Step 2: Provide your information

Next, you’ll be asked to create an account. Enter an email address and a unique and strong password. You’ll also need to provide a billing address and payment information. 

Make sure to agree to the terms & conditions and then select Purchase & Start Deleting. 

Step 3: Verification

DeleteMe will send you a verification email in order to activate your account. 

After clicking the link provided in the email, you will be redirected to the DeleteMe website where you can now login. 

Step 4: Complete you profile

DeleteMe will present you with an online form asking for your name, any aliases, date of birth, as well as any phone numbers or addresses you have had over the years. 

DeleteMe will use this information to locate and remove any matching data online.

Step 5: Provide ID

You will next be asked to upload a photograph of your primary identification card, such as your driver’s license. This is to confirm that the information provided actually belongs to you.

Step 6: Confirm and submit

DeleteMe will ask you to look over the data you provided to verify that it is correct. Once you confirm that the data is accurate, you are good to go!

How DeleteMe works

Now that you’ve set up your account, DeleteMe can begin contacting data brokers on your behalf

DeleteMe will send you your first privacy report in around 7 days to let you know what sites have removed your data. Some sites take longer than others and DeleteMe will inform you of its progress.

DeleteMe will also state which sites did not contain your data. 

Once DeleteMe successfully has all of your data removed from its list of sites, the service will check back every 3 months to make sure it hasn’t reappeared as long as your subscription is active.

This solves one issue in doing it yourself: DeleteMe will keep an eye out for information being reuploaded instead of you having to keep watch periodically.  

Before You Go:

DeleteMe is a great service to significantly reduce your digital footprint online, making it significantly harder for a malicious actor to find your personal data. 

Here are some frequently asked questions you may be thinking about as you work to take back your information from data brokers.

  • Will DeleteMe take my information down from everywhere?

DeleteMe removes data from the specific services listed on its website. While the list represents some of the biggest names in the industry, it may affect information hosted by other data brokers.  

  • Can DeleteMe remove me from Google search results?

No. If information about you can be found through a Google search, you must contact the specific websites the data is hosted on. If Google locates one of your social media profiles, for example, make sure to check your privacy settings on that particular platform.

  • Are there other services similar to DeleteMe?

Yes, several other services exist that can likewise find and remove your data. Based on reviews and discussions with experts, the Daily Dot can also recommend the service Kanary. As stated in a previous guide, those looking to do the work of opting-out themselves can rely on free information as well.

Share this article
*First Published: Aug 26, 2021, 8:29 am CDT