Sim-swapping, identity theft, and database hacks are extremely common these days. It's incredibly easy for hackers to use one account (say your email or cell phone account) to get access to every other account you have. Scary when you think about how we all manage our banking, 401ks, and pay taxes online now.
Here are some basic steps you can take to up your security level. They will take an afternoon of work, but prevent weeks of pain if you are ever targeted:
- Reset all your passwords. Each account should use a 16+ character, randomly generated password. I like strongpasswordgenerator.com for this.
- Store all passwords in a password manager (Last Pass, Encryptr, or Keeper are my favorites).
- To make your password manager "master password" secure, use a passphrase made of words. This site tells you how to make one: https://www.useapassphrase.com/
- Memorize this passphrase, do not store it digitally
- Do write it down and store it in a safe place in your house or a lockbox. If you lose it, you will lose all your passwords, so this is important.
- Set a strong pin for your cell phone carrier's access, or tell them to lock your account so that changes can only be made in-person.
- Enable two-factor authentication for every account possible.
- Never share passwords in email. Use Privnote.com to create one-time links to passwords that self-destruct after read.
- Freeze your credit. This requires creating pins with all the credit bureaus, but it'll help minimize further identity theft risk. You'll also have to un-freeze your credit before making any hard hits on your credit, so plan ahead (it takes 1-3 months to unfreeze).
- Disable storing passwords in Google Chrome. This allows attackers eith your GMail access to all your accounts at once.