How does HIBC work?

HIBC is essentially a platform that allows you to find out if your email account has been compromised in a data breach. The concept works because almost every major hack results in data being leaked into the public domain. HIBC retrieves the data that has been leaked into the public domain and extracts all the emails from the data. Once the data has been parsed and the emails have been extracted, we merge all the emails into a giant database. You can then enter your email into our website; our system will take your email and proceed to run a query against our database which will confirm whether your email has been discovered in a data breach.

If your email has been discovered in our database, you are already a victim on a wide scale, but you probably haven't realized it yet. You need to take the appropriate steps to make sure you cannot be victimized on an individual level. It is much easier to take these steps at this stage, rather than when the situation escalates. If you follow the different practices that you can find below, you are drastically decreasing the chances of becoming a further victim.

Help! I've been compromised, now what?

If your email has been discovered in one or more data breaches, it means that you could become a further victim to serious crime. You can find a checklist below of all the things that you should instantly do to protect yourself, as well as further practices you can engage in to protect yourself in the future.

You should instantly change the password to the email account that has been discovered in one or more data breaches, along with any other online accounts that you have registered online. It is important that you change the password to all of them, even if you don't use them anymore because there could be personal information on your accounts about you that could assist a potential attacker.

Never use the password that was used for the account that was discovered in one or more data breaches again. That password has now been compromised, and any further usage of it could result in you becoming a victim of further attacks. It does not matter how easy it is to remember; you should never use it again. Can't remember the password you used? Set new passwords for all your accounts. It's better to be safe than sorry. The most common thing that an attacker will look for is common password usage. This has been the case in many massive hacks.

Consider the data that has been leaked in the data breaches that you have been affected by. Depending on the data that has been leaked, you may want to make other changes. Your goal is to render the data that has been leaked as useless as possible. Think from an attacker's perspective, the more useful data we find, the easier it is to victimize you. There's no such thing as being over cautious, and in the long run, it will do you good rather than bad.

Take into consideration the nature of the data that has been leaked. A classic example of this is the Ashley Madison hack that occurred in 2015. Due to the explicit nature of the data leaked in this specific hack, it was relatively sensitive. Almost every single email account in that data breach received more than one extortion attempt. Although there's not much you can do in this situation, consider using separate emails that you keep a serious distinction between. For example, keep your work email just for work matters and create a separate email for more personal matters.

Last but not least, never use the same password for more than one website that you use online. If you follow this piece of advice and a data breach occurs, your password would be limited to that specific platform which was a victim of a data breach.

If you follow all of the advice on this page, a potential attacker would have to go to extreme measures to victimize you. The most sensible logic that you should apply is the simple fact that whatever you type online will eventually end up in the public domain.