LinkedIn, eHarmony and Last.fm: three sites with little in common beyond, this week, the painful and embarrassing task of telling users that their personal information may well have been compromised. It’s an increasingly widespread chore, too, as we drop our details into just about any new service that catches our eye. It’s about time for a new attitude toward online history: a digital scorched-earth policy, as it were. Try, certainly, but then destroy.
[Image credit: Gino]
These aren’t the first password gaffes we’ve seen, of course. The great Sony hack of 2011 – which saw the credentials of millions lost from the company’s servers, including credit card details and more – is perhaps the best-known of recent time, but it’s certainly not alone. It’s a fact of modern, digital life that, as we spread our online identities around, we’re entrusting that infinitely valuable commodity to the best-efforts of third parties we often know little about.
Neither LinkedIn, nor eHarmony, nor Last.fm have revealed details of exactly how those password caches were let loose. It could have been a targeted attempt by arch hackers, or the online-equivalent of government officials forgetfully leaving briefcases full of confidential papers in cabs and on trains. Either way, though, there’s a lesson to be learnt.
What’s important, though, comes after. Like so many, I’ve left behind me a trail of logins and registrations; usernames and passwords, the former often identical across forums and services, sometimes linked with an email address too, perhaps even my real name and date of birth. I sample, consider and then most often move on, never thinking to tidy up behind myself.
It’s that sort of breadcrumb trail which is causing many headaches this week. I don’t have an eHarmony or Last.fm account, but I did register with LinkedIn a long time ago and, while I don’t actively use the service, I made sure to change my password this week after news of the breach broke. Usually, though, the only time I remember LinkedIn exists is when an email telling me of a new connection drops into my inbox, to be promptly ignored or deleted.
We talk so much about Facebook, and Google, and Microsoft, and others keeping track of us – peering into our emails, and our social connections, and more – but we seldom take responsibility for our own personal data security. If the password incidents of this week have given us anything, it’s a wake-up call to clean up our digital footprints.