Last.fm and LinkedIn clinch it: My scorched-earth policy

LinkedIn, eHarmony and Last.fm: three sites with little in common beyond, this week, the painful and embarrassing task of telling users that their personal information may well have been compromised. It's an increasingly widespread chore, too, as we drop our details into just about any new service that catches our eye. It's about time for a new attitude toward online history: a digital scorched-earth policy, as it were. Try, certainly, but then destroy.[Image credit: Gino]

These aren't the first password gaffes we've seen, of course. The great Sony hack of 2011 – which saw the credentials of millions lost from the company's servers, including credit card details and more – is perhaps the best-known of recent time, but it's certainly not alone. It's a fact of modern, digital life that, as we spread our online identities around, we're entrusting that infinitely valuable commodity to the best-efforts of third parties we often know little about.

Neither LinkedIn, nor eHarmony, nor Last.fm have revealed details of exactly how those password caches were let loose. It could have been a targeted attempt by arch hackers, or the online-equivalent of government officials forgetfully leaving briefcases full of confidential papers in cabs and on trains. Either way, though, there's a lesson to be learnt.

I'm not recommending never trying anything new online: never handing over your details, or experimenting with The Next Big Thing. After the usual safety precautions – does this look like the sort of company which itself can be trusted, and is there a solid privacy policy in place? – it's one of the joys of the digital age, playing with the latest and greatest in internet toys.

[aquote]I've left behind me a trail of logins and registrations[/aquote]

What's important, though, comes after. Like so many, I've left behind me a trail of logins and registrations; usernames and passwords, the former often identical across forums and services, sometimes linked with an email address too, perhaps even my real name and date of birth. I sample, consider and then most often move on, never thinking to tidy up behind myself.

It's that sort of breadcrumb trail which is causing many headaches this week. I don't have an eHarmony or Last.fm account, but I did register with LinkedIn a long time ago and, while I don't actively use the service, I made sure to change my password this week after news of the breach broke. Usually, though, the only time I remember LinkedIn exists is when an email telling me of a new connection drops into my inbox, to be promptly ignored or deleted.

Moving forward, then, I'm going to do my best to keep my electronic legacy neater, tidier. Register for the new services and apps, sure, but make sure to hit the delete account option after I'm done. And, if that delete button isn't clearly telegraphed among the privacy policy – if there's an easy way to sign up but no straightforward way to say goodbye – then I'm going to think long and hard about whether that's something I want to give my details to in the first place.

We talk so much about Facebook, and Google, and Microsoft, and others keeping track of us – peering into our emails, and our social connections, and more – but we seldom take responsibility for our own personal data security. If the password incidents of this week have given us anything, it's a wake-up call to clean up our digital footprints.