Proton
Data breach prevention illustration

The Internet is full of information about what companies should do to keep consumers’ personal data safe from hackers. And there’s plenty of advice for consumers who have already been the victim of a data breach. (You can read our article on the Proton VPN blog about what to do if you were the victim of a data breach(nové okno).)

But there’s very little guidance for consumers on how to keep their data safe in the first place. In fact, Quartz reported after the Equifax breach that we should just assume our data will be stolen(nové okno).

Part of our mission at Proton is to build an Internet where data breaches are an anomaly, not a given while mitigating the damage when a breach does occur. There are, of course, regulatory and technological solutions to the increasing trend of data breaches. However, there are also steps individual consumers can take to prevent their data from being exposed.

In this article, we’ll give you 5 simple steps you can follow to decrease the likelihood that you’ll be a victim of a significant data breach.

1. Reduce the amount of information you give out

This isn’t always possible or practical, but companies can’t expose data they don’t have. It’s the most sure-fire way to mitigate your risk of a data breach. In the case of medical or financial information, our control is limited. Banks, credit bureaus, and other financial institutions collect your data often for regulatory purposes or through agreements you can’t opt out of.

But other companies — particularly websites operators like Google, Facebook, or Twitter — usually only collect and store information that you allow them to have. For example, this article shows you how to delete your Google data(nové okno). In the early days of Facebook, many people treated photo albums as cloud storage. But multiple privacy and security breaches at Facebook(nové okno) have shown that information stored on the company’s servers is not necessarily safe. Privacy settings are not a solution because the data is still vulnerable to breaches, even if your friends and followers can’t see it.

You should only store information online that you wouldn’t mind showing to everyone. (Encrypted cloud storage is the one exception to this rule, which we’ll cover more below.)

2. Use aliases when possible

Websites are hungry for data, but sometimes they don’t really need it to provide you with a service. For example, airports may ask for your name, phone number, and email address to access free WiFi. Or a liquor company may ask for your date of birth to verify your age before entering their site.

Unless you have to, don’t give companies your real information. While this is obviously not advisable for your shipping address or the name on your airline ticket, there are many situations where an alias or fake birthday works just fine. Proton Mail allows you to create aliases and multiple email addresses, which you can provide instead of your main email address. You can also create secondary social media accounts with limited personal details whenever a website asks for your profile link. If a site requires an image, consider using an illustration or something that’s not your real face.

3. Research companies’ security record before doing business with them

With so many major companies(nové okno) falling victim to data breaches, it’s not always possible to do business only with companies that have never had an incident. And there may be other factors like price and convenience that weigh into your decision. But if it comes down to Marriott(nové okno) or another hotel, or British Airways(nové okno) or another airline, you may find it easier to choose the company with a better IT security record.

4. Use end-to-end encryption

The most secure way to store and send information online is through services that use end-to-end encryption. We have previously explained how end-to-end encryption works, but here’s the brief version: when you send a message or store information on the cloud, the data is encrypted before it leaves your device and it can only be decrypted by you or the people you choose to share the data with.

End-to-end encryption adds an extra layer of protection to your sensitive information. Even if your files are exposed in a data breach, those files cannot be decrypted and thus remain safe. A variety of online services employ end-to-end encryption, including instant messaging apps, video and voice calling, cloud storage solutions, note-keeping apps, and email. Proton Mail automatically applies end-to-end encryption to all of your messages. It even allows you to send end-to-end encrypted emails to other email services. 

5. Use strong passwords

Most people don’t have to worry about the NSA or a hacker targeting them specifically and trying to crack into their accounts. For most of us, it’s important to use a strong, unique password for your online accounts in case the website’s password database is breached. 

Proton Mail uses the Secure Remote Password protocol to authenticate users, which means we don’t know what your password is and a hacker cannot steal a “list” of all our users’ passwords. But other websites store your password on their servers in an encrypted form that can conceivably be cracked by hackers who obtain the password database. That’s why we recommend following the tips in this guide to creating a strong password.

You should also use a unique password for all your accounts and devices. That way if one password is breached, your other accounts remain secure. Two-factor authentication can also protect you in the event your password is exposed.

There’s no way to completely protect yourself from a data breach, short of abandoning the Internet. But these steps can help mitigate your risk. Sign up for Proton Mail(nové okno) today and minimize how much data you share with any organization to avoid having your data exposed in the next breach.

Best Regards,
The Proton Mail Team

Související články

A phone screen with a speech bubble with a phone number in it
en
Your email address and passwords aren't the only information hackers can use to scam you. Here's what someone can do with your phone number — and how to protect it.
A web application screen with an unlock icon in the bottom right corner
en
Your best defense against a data breach could be improving your web application security: Find out how Proton Pass can help.
Investigative journalist Vegas Tenold explains the gear he uses to protect his privacy and stay safe.
en
  • Novinky o soukromí
Follow investigative journalist Vegas Tenold as he explains his gear and how it keeps him safe from surveillance as he works in the field.
Coinbase, the largest Bitcoin exchange in the US, suffered a data breach
en
  • Novinky o soukromí
  • Proton Wallet
Coinbase employees sold sensitive personal information to attackers, including government IDs and BTC transaction history. Proton Wallet is built to avoid these risks.
Whistleblower's whistle. Journalists must use secure channels to communicate with whistleblowers.
en
  • Průvodce ochranou soukromí
Whistleblowers risk everything to expose the truth. This guide helps journalists keep their sources safe using secure tools like Proton Mail, Signal, and SecureDrop.
An image showing a phone screen with a child icon and three icons with '17+' '8-12' and '3-5' to indicate age ratings
en
  • Průvodce ochranou soukromí
Parents can help their children develop healthy screen habits by learning about dark design patterns — Proton investigates how