Is Your Personal Information Being Hacked…With Your Permission?

When you sign up for an account online, you are probably clicking the box that says you read the terms of service so that you can get on with enjoying what the website has to offer. The problem is that agreeing to those terms of services dictates how your information can be used by the website itself. If you are signing up for an email subscription or discount offer did you know you could be giving the website permission to sell your information to third-party marketing companies? This information is usually hidden within the terms and conditions of service.

But there appears to be more to the information security issue than meets the eye. According to Vox.com, two Danish researchers just released a study that involved 70,000 users of the dating website OKCupid. The problem is that the users had no idea their information was being used, and neither did the website.

Theft or Science?

Danish researcher Emil Kirkegaard says he used a “scraping” software to gather all of the information from the OKCupid 70,000 member database and used it in his study. While the software gathered every piece of information from every account, Kirkegaard defends his actions by saying that the information was already public. OKCupid countered that the information is only public on their forum, and that Kirkegaard had no right to use the information without consent.

The accounts have screen names that keep them anonymous, but that does not stop OKCupid from crying foul. The website is demanding that all of the report information be removed from the website it is published on, and it is also considering a lawsuit.

How Easy Is It To Steal Data?

Anand Prakash is a software engineer who found a way past Facebook’s security system that was actually easier than he expected. He found a way to use hacking software to get the password of any account he wanted, and then he went and told Facebook. He was rewarded with a prize of $15,000 for his findings, but his ability to crack into one of the largest social media platforms in the world raises concerns.

What Can You Do To Protect Yourself?

In the cases of OKCupid and Facebook, users were powerless to protect their profiles. In both cases, users expected the websites to protect sensitive data, and the websites failed to do so. One can only imagine what would have happened if Anand Prakash had decided to either use his Facebook hack for himself, or sell it to more devious individuals.

There are two areas to consider when talking about preventing your information from being hacked: legal and illegal means. To prevent your information from getting into the wrong hands legally, you need to read the user agreements on websites before you accept them. All user agreements must indicate whether or not the site sells data to third-parties, and you can opt to not be part of a website that will sell your data.

Having your information hacked by an outside entity is a different story. In order to use the websites that are getting hacked, you need to provide personal information that could get stolen.

Here is a list of tips you can follow that could help protect your data if a website you are on gets hacked.

  • Only use secure websites that have the “https://” address marker at the beginning of their address.
  • Always provide contact information that you can use to change your password if your account gets hacked.
  • Change your password often to prevent a hacker from being able to steal your account.
  • Create a username that is not easy to figure out.
  • Never log into your account from a public computer such as one at a library, and never log into your account using a public WiFi connection.
  • If you start to see suspicious activity on your account, report it to the site administrator immediately. If you get no answer from the administrator, the shut down your account.

Once you put your personal information on a website, you are taking the chance that your data will get stolen. By taking necessary precautions, you can help to protect your data from being stolen, or being used legally against your will.