Five Steps to Protect Yourself From the Latest Data Leak

You probably haven't heard about one of the most recent data leaks. But if you're one of the millions of Americans using online grocery delivery, you need to know about it...

Back in April, about 278,000 customer accounts from Instacart – one of the largest grocery delivery services – appeared for sale on the dark web, the Internet's black market. That means hackers could have purchased your account's data, including your name, address, and last four digits of your credit card.

Instacart denies the attack, but it's clear that something happened to compromise the data. According to online security experts, the data hack either occurred directly through Instacart or through a phishing scam directed to their customers. Phishing e-mails pose as messages from companies that ask you to verify your information. They might even have you click to go to a counterfeit site that will log your info and use it to steal your data.

Now, this isn't the largest data hack we've reported on in Health & Wealth Bulletin, and it definitely won't be the last. And any of these hacks could mean your personal information is out there for criminals to steal.

Part of the concern is the online shopping boom we're seeing. It's no surprise that online shopping has surged during the COVID-19 pandemic. According to market research firm eMarketer, we'll likely see an increase in online shopping of at least 18% this year. But that increased traffic leads to some unexpected outcomes... namely, an increased number of data leaks.

With more folks than ever shopping online, it's a good time to remind you how to do so safely. So today, we're sharing five of our best tips to help protect yourself online...

1. Change your passwords... and use better ones. Regular Retirement Millionaire readers may remember that we detailed an entrepreneurial 11-year-old this past December who may have found a way to create "unhackable" passwords...

Mira Modi of New York started a business generating passwords by hand and mailing them to her customers. Mira uses an old system of encryption called Diceware. She rolls a certain number of dice and matches the corresponding numbers to preselected words on a master list. You can find her work here.

You get six words that are easy for you to remember... but difficult for computers to hack. With each word chosen, you increase your security. A six-word phrase from the 7,776-word list would take 3,505 years to crack (at 1 trillion guesses per second).

2. Guard your password. Some websites now offer something called "two-factor authentication." Two-factor authentication requires your password plus another piece of information to log in to a website. For example, they'll send a code to your e-mail or mobile device associated with your account that you'll have to enter. I love using this feature.

Many companies – including Google, Apple, Microsoft, and the password-manager service LastPass – give you the option of using two-factor authentication, as do many banks, brokerages, and credit-card companies.

PC Magazine also has a guide on how to set up two-factor authentication on some websites. You can read it here.

3. Only use trusted sites. Whenever you enter your credit-card number, always look for the letter "s" at the end of the URL's "http." It should say "https://" before the rest of the site's address. In most browsers, an icon of a closed padlock will appear as well, either next to the URL or at the bottom of the screen.

The lock means it's an encrypted website. Without encryption, hackers can potentially access your information.

4. Check the spelling. Make sure you're at the right URL. Many scam-based websites will look almost like the real thing. Sites with ".co" after them are often fake sites and may also have hackers lurking.

And if you aren't familiar with a retailer's website, check for a designation from the Better Business Bureau, and be sure to read some reviews from past customers before filling in your personal information.

5. Always check for an order receipt. Print out the confirmation page on your computer or save the confirmation e-mail. And make sure to check your credit-card statement to ensure the charges are correct. Check that day and again a week later to make sure extra charges didn't slip in after your initial purchase.

Practicing common sense safety while online will keep you and your private information secure. These tips are just the beginning. We've covered many other ways to protect your data in Retirement Millionaire. You can read about more ways to stay safe both online and in person in our special report, "Safeguard Your Privacy: Four Areas of Your Life You Need to Protect." Click here to read it now.

What We're Reading...

Here's to our health, wealth, and a great retirement,

Dr. David Eifrig and the Health & Wealth Bulletin Research Team
July 30, 2020