Data breaches are very commonplace now unfortunately. It is not news to hear that a social media platform was hacked with user information leaked. Just recently, Twitter suffered a data breach with 5.4 million accounts exposed. The contact details of those accounts are now on sale for $30K.
For content creators, this can be very serious, since creators rely on using various platforms for doing business, from promotion and marketing to collecting funds and fulfilling shipments. Your information is distributed across multiple online platforms at any given time, which increases your exposure to a possible hack.
So we decided that you need to know what exactly happens when there is a data breach. Today, we dive deep into the world of data breaches, what effects they can have on creators, and what you can do in order to protect yourself.
What is a data breach and how does it happen?
A data breach is when the security of a platform gets compromised. Once breached, external parties can get access to sensitive information such as, and not limited to:
- Credentials
- Personal information (address, name, etc.)
- Contact information (email, telephone)
- Financial information
Data breaches can happen in many ways. Many people think that they happen often because of determined and targeted attacks by hackers such as phishing, brute force attacks, or malware.
However, it can also very likely happen due to internal mistakes like password misuse, malicious insiders, software vulnerabilities, and just generally weak security. Of course, a data breach can have numerous reasons. The main thing to remember is that they’re complicated, and they happen not just because of the fault of hackers, but also because of lapses in internal data access control and other factors.
How does a data breach impact creators?
A data breach can be very harmful to you as a creator. It can cause a number of issues that will prevent you from carrying out your day-to-day business. Let’s take a look at some particularly bad ones.
Loss of your account
The first thing is that it puts your accounts at risk wherever you may use the same login information. If your Facebook information is leaked, it may not seem like a big deal because you may not be active on your Facebook. However, if you use the same passwords on your Instagram, email, and banking, you may lose access to all of these accounts. If they access your email or other social profiles, you may experience leaks from within those accounts such as the exposure of direct messages, emails, and private photos.
Exposure of Financial Information
Some platforms, such as subscription platforms, are more crucial for generation of revenue for creators. These have financial information that enable your earnings to be directed to your accounts. In the situation of a data breach, all of this could get out there. There is a lot of direct harm that bad actors can do with your financial information, which leads us to the next item.
Identity theft
When there’s a data breach, a lot of information about you and your finances could get released. Think about all the things that you enter into the platforms you use. There are birthdays, full names, addresses, contact details, and more. All of this is more than enough for criminals to commit identity theft, which can have a huge impact on your personal finances.
Even if you are not liable for expenses caused by identity theft, there are plenty of costs to cover. For instance, not only will you have to pay for increased credit monitoring, but you might have to deal with a reduced credit score, a negative impact on your ability to take out loans (such as a mortgage), and difficulty in opening new credit card accounts.
Doxxing
A real-life consequence of breaches can lead to doxxing, where partial or full information is revealed. A bad actor can use partial breach data to uncover your sensitive information and potentially use it against you. You may think that a phone number or email being breached isn't a big deal, however this information can be used to locate you in a dangerous capacity such as using phone records to locate your address, or your email to find your a legal name. As a content creator that relies on privacy to keep them safe, this information released to your fanbase can be especially high risk for your safety and long-term well-being. No creator really wants to get a surprise present delivered straight to their door unsolicited, or a surprise visit.
Content theft
Data breaches can result in your content being released due to the breach, or someone accessing your account and stealing the content. These images and videos may contain sensitive photos or videos, or may be premium content you do not want released for free. Once your content is stolen and redistributed, all of that is lost revenue.
Unfortunately, not all of these issues can be avoided. But there are certain actions you can take to reduce the chances that you’ll experience a breach. Let’s look at how you can protect yourself against data breaches.
What creators can do for themselves to minimize the risk of data breaches
Since data breaches can happen to anyone, it’s important to be prepared. You should take the necessary precautions to protect your account and your data. Let’s take a closer look at what you can do to protect yourself from data breaches.
Get yourself a password manager
Passwords are the first line of defense against hackers and data breaches. Unfortunately, most people use weak passwords that are easy to crack. A Google survey in 2019 found that 65% of people reuse the same password across multiple accounts, with 13% using the same password for all accounts. This can put all your accounts at a high risk of getting hacked. Using the same password for multiple accounts can also increase the chances that your accounts will be hacked. This is because if one of your accounts is affected by a data breached, hackers will have access to all your other accounts. A password manager can help you solve the password problem. They let you create complex passwords for each of your accounts while also storing them securely. Passwords managers also automatically enter your login information so you don’t have to worry about keeping track of your passwords. They’re one of the best ways to protect yourself against data breaches.
Separate your emails, or create more than one
Second, you should separate your work and your personal email. Almost everyone has a creator identity that is separate from their true identity. Not many people work under their real names. So it is not only advisable to do this, but it would be the intuitive thing to do, which is to keep an email in which none of your actual personal information would be stored and conduct business from there. This way, your personal information is not getting exposed, which minimizes the damage of the data breach and prevents doxxing.
Use burner information
When creating an account with a platform or a submission form you are unfamiliar with, consider using random information and not disclosing your true identity unless you are fully confident with the platform. You may not always have control of breaches, but you do have control over the information you provide to a website. Your data is valuable and permanent, so always consider making slight adjustments to protect yourself.
Use two-factor authentication
Two-factor authentication (also known as 2FA) is an extra layer of security that you can add to your account. When you enable 2FA for an account, you’ll be required to provide a second form of identification before you can access your account. This ensures that only you can access your account, even if someone knows your password. Many popular platforms, like Patreon, offer 2FA as a security measure. It’s important to enable 2FA on your account and make sure that the login information is correct. It’s also a good idea to change your login information every few months.
Why you need to be careful about picking which platforms.
But all of this is for nothing, if the platform that you are on makes a mistake on their end, and many times platforms fall short when it comes to protecting the data of their users.
BranditScan’s BreachAI tool found for their own users that 30% of passwords are plaintext and are ready to be used in a cyberattack method called credentials stuffing - a large-scale, automatic injection of stolen credentials into login forms.
Not only that, we’ve also discovered that 40% of these passwords could be easily decrypted as they use encryption algorithms that are no longer considered safe. BranditScan's BreachAI searches billions of leaked records for credentials and other sensitive information to inform creators when they may be at risk of a breach.
It’s important to watch out for security weaknesses in the platform of your choosing. Be careful when you try out new indie platforms or websites you may be unfamiliar with. Ask questions, and if the answers are not good enough, don’t bother with them. Your online safety is not worth the risk.
If you are looking to protect your brand and content online, try BranditScan for free.
