An Alliant Visa Platinum credit card could help you take control of your finances.
Consolidate debt, pay for home renovations or cover an emergency expense with an Alliant Personal Loan.
A HELOC could be helpful when large expenses come your way, whether they’re planned or unexpected.
Work toward your savings goals — college, a down payment or the holidays — with a goal-specific Supplemental Savings account.
Alliant helps your money make more money with high deposit rates and low loan rates.
Return to The Money Mentor Blog
By Pam Leibfried
If you haven’t yet heard about the ominous-sounding “Collection #1” data breach, you’ll be seeing it in the news soon. Collection #1 has been called “the mother of all breaches” due to the scope of the data released. Below is some background on this breach, along with tips for how to tell if your info is part of the breached dataset, and what to do if your email and password were compromised.
And before we start talking about Collection #1, I want to assure you that we know of no Alliant data that is part of this breach. We’re writing about it only because we want to help you be aware and alert when there is breaking news about data breaches so you can better protect yourself and your family.
In mid-January 2019, a dataset of over 700 million email addresses – many including account passwords – were released for sale onto the so-called “dark web.” This breach is believed to be from several different sources rather than from a single company, which is why it has been dubbed a “collection.”
Given how many email addresses were part of this breach, it’s safe to assume that at least one of the email addresses that you use was compromised.
If you’re really curious and have some time to do research, there are some “white hat” sites online that let you search for your email address(es) in a database of known breached emails. One example is the Have I Been Pwned (HIBP) site. (If that name confuses you, it might help to know that “pwned” is gaming slang for dominating or “owning” another player in the game.)
Please note that neither HIBP nor any other such site is a partner or vendor of Alliant’s, and we can’t vouch for the accuracy of their information. That’s why we’re recommending that the safest course of action is to assume that your personal emails were part of this breach and act accordingly.
When your email account has been compromised in a breach — or you suspect it has been — what should you do? I consulted Alliant’s Information Security team and they recommended some concrete steps you can take to better protect your identity and account security.
We recommend that the safest course of action to help ensure that a breached email/password combination won’t make you vulnerable to fraudsters is to immediately log into that email account and change your password.
Many people reuse the same username on multiple websites or use an easy-to-hack username like their first initial and last name or their full name as one word. These usernames make you more vulnerable to fraud. For example, if my name were Jane Doe and I used jdoe, janedoe or Doe as my username, it would be easy for fraudsters to figure out.
If you are using an easily hackable username like the example above on any of your financial accounts, you should instead use a strong, hard to hack username. Basically, think of your username as being like a second password, and make it just as difficult to hack. If both your username and your password are strong, you’ll reduce the likelihood that any of your accounts can be hacked.
In addition to changing your email account password, you should stop using that old, potentially compromised password on any other accounts currently using it.
Although we have previously recommended to our members that they should never use the same password on multiple sites or accounts, we know that some people do reuse passwords. If you are one of those people, you need to go through any account that is using the old password and switch to a strong, unique password.
Changing a password that may have been breached is especially critical if you were reusing the email and password from one of your email accounts for any of your financial accounts or for shopping sites on which you have “saved” your credit card payment info.
One of the best ways to know if your financial accounts have been compromised is to watch them like a hawk. But let’s be realistic. If you’re like me, you don’t always remember to log in to check for fraudulent activity. But you can still monitor your account with minimal effort using Alliant’s alert system.
You can opt in to get an email alert whenever anyone logs in to your Alliant account, so you’ll know immediately if someone other than you is attempting access. Or you can opt for us to email you when specific account transactions occur – any withdrawal or transfer or debit transaction over $50, for example. Alerts can be set up and customized on the Manage Alerts page in Alliant Online Banking. Alerts are easy to set up, and you can find out how in our automated alerts blog post.
If your information has been compromised and you’re stressing about it, there are two other actions you can consider to give you some peace of mind and help protect you against fraud and identity theft: fraud alerts and credit freezes.
Pam Leibfried is a marketing content specialist whose love of words led to a writing and editing career. After a brief stint teaching English, she transitioned to corporate communications and spent 20 years at The Nielsen Company before joining Alliant’s content development team. Early in her work life, Pam’s friend Matt explained the benefits of a 401(k) and her dad encouraged her to start a Roth IRA. Their good counsel prompted her to prioritize retirement savings, which just might enable her to retire early so she can read more and live out the slogan on her fave T-shirt: “I have a retirement plan: I plan on quilting.”