Got an email in the wee hours of the night last night stating that my info was detected on a black market site, so I checked the alert on here.
The only details it gives me are "creation date" of yesterday 7/27/2016, and email address, shown as several *'s and a few letters of one of my old email addresses, typed in alternating case.
I changed the password on that account just to be safe, but I'm not sure if I should be doing anything else regarding this, since the alert doesn't seem to indicate what exactly is on that black market site? If it is literally just an email address for a spam email buyer, I don't care because that account has never been used for anything financial anyway, and gets double SPAM filtered as it is.
Forgot to mention that I have two-factor authentication on that email account anyway, so even if they had the old password they would never be able to log in - but again the alert doesn't say anything about a password, just a date and an oddly-typed partially obscurred email address.
What do you guys suggest?
I have received that alert twice, both times with an email address that I don't use for my credit card sign ins. Not sure what to think of that alert.
So probably nothing to worry about? Just out of curiosity I checked the account activity and this is what comes up:
The Successful sign-ins are my IP address (obviously), and I made sure two-factor authentication is indeed still enabled, so there basically zero chance that anyone in China or Taiwan can log into that account anyway. I don't use it for anything important, and haven't even entered it in any websites probably this year at all.
You should change any other password associted with that email. The login details that were found could be from the email provider or from any account associated with that email address be it a bank, Facebook, etc.
The best way to protect yourself is to always use a different password for every site and make sure they are strong passwords. A strong password doesn't contain dictionary words or persoanlly identifiying information like your SSN or DOB. Best way to go about it is to use a password manager that generates random passwords that look something like this: @47Aw7w65f%3*t9