I want to start out by giving some anonymous introduction first. I am a girl from India and currently I’m a minor.(17)
As the title says, I registered an account with Slick, and Indian alternative to the social media Gas, and now a recent report has made me aware of the data breaches suffered by the company. The breach includes disclosure of my full name, profile photo, date of birth and mobile number, all of which are currently in public domain at the present.
Is there a service that could maybe you know tried to delete information leaked in a branch like this and is available world-wide? Like Delete Me?
It’s just creepy to have someone with evil intentions to have my name, phone number and profile photo, and I know the I’ve already made my choice to have my face out there in the internet by uploading a profile photo in the first place, but now that this breach has occurred and has opened my eyes to online privacy, I kind of can’t help but be paranoid about it. It’s really creepy and any help in the form of advice would be appreciated.
As a current user of DeleteMe, you can use there services to delete your public profile as it reappears if it has been published or to monitor and inform you if your data becomes publicly traded.
So it’s really about just doing what you can to reduce damage at this point. The most obvious thing to play with is your phone number. I’m not sure what the VOIP situation is like in India, or if getting a new or changing your phone number is something within your control - but if you’re able to move your accounts away from the public number that would be a good step to take.
You can’t change your name being exposed online, but you can try to change your name on other services you use, same with DOB, profile photo, etc. (when legal to do so)
A way of looking at this is to try and keep this data breach as separated from everything else as you can. Not sure if emails were caught in this, but be sure to use different emails for different services. (easy with SimpleLogin) You should already be using different passwords, check for 2FA on your other accounts, etc. Once the breach is done there’s nothing to directly do about it, but you can work to lock down other account to prevent the shared data between services from biting you in the ass and causing further damage.
If you haven’t already, I recommend using aliasing tools like VOIP solutions (again, not sure what the situation is like in India), email aliasing like SimpleLogin, and being careful with where you’re handing over any payment information online. Then there are the staples of using strong unique passwords, and getting 2FA setup on all accounts.
I don’t believe Abine DeleteMe and similar services are supported in India, so that’s another consideration. I’m not fully versed in what services are available to you.
Hello! I am from India so I can point out few things here in Henry’s suggestion.
As far as I know, VOIP is not available for individual use in India, I have seen VOIPs only providing services to businesses. Also as far as I know, most services like Deleteme are not available for India.
So as henry suggested, what you can do now are following:
First of all, do not get panic. Try a self-analysis of which services you use or have signed up for, and slowly change the previous information like email, phone number to new one, try to delete unnecessary accounts and services. Getting a new Sim card in India is not much difficult. And you can also request for deactivation or blocking of your previous mobile number to carrier operator. Your breached information can be reduced to just DOB, full name and profile photo by changing all other information. This is still essential information about individual but I don’t think we can do anything about it now. Learn things from this whole incident and look at it as a lesson for future.
Its okay , everyone of us have been there atleast once , and there have been much more worst cases than what you have described.
For ex the Upstox data breach (a stock brocker) which leaked users kyc documents including aadhar (SSN), signature specimen copies and even thumb prints. So i guess people should get rid of their fingerprints lol.
So don’t need to stress to much about it, just make sure you use a good password manager (ex. bitwarden) with 2fa on and email aliases (simplelogin). Avoid using your phone number for any type of services and beware of any suspicious sms sent to you on that number.
Changing your number is upto you as we really don’t have an option to use a virtual no. anonymously. But you could consider changing no. if you are getting too many spam calls or texts.
I don’t think there is a way currently you could get your data removed from a data breach so its best to just take only subsequent security steps to avoid any future lose.
I hope this would help.
I don’t use social media at all, my friends convinced me to try this social media app called Slick, part of me wished I haven’t. I guess things are just out of hand rn.
I have done it already, thanks for suggesting.
Next year is college for me, and Delhi is not really known for being safe for girls after midnight. With the breached information people with evil intent exploit the newfound information. Nevertheless it’s of no use crying over spilt milk and coming to terms with it might be the best solution.
Email address wasn’t breached.
On the plus side this might be the start of my online privacy journey. I can’t ditch my Windows rn but next year maybe I will.
Your safety concerns are not completely invalid. But remember, breached information is publicly available that doesn’t mean any random guy on street would have access to it, you require proper skills and knowledge to access those which is not that common as you’re thinking.
Sorry for the late reply but just adding that a lot of DeleteMe seems to be focused around an email address.
If you have a very unique name then you might benefit from using a service that searches the internet for your name.
I’m less familiar with image searches but you have me curious to what results I would get on a government issued ID picture search.
Solid response from Henry I’d mark him as a solution to be honest.
You’ve essentially experienced the digital equivalent of a natural disaster and there is no back button. What’s done is done and you cope with it however you feel best. This really is a thing that needs to be prepared for. Hackers strike constantly they only need to win once but we need to defend against it every time. You don’t need to go to Edward Snowden levels of privacy but you need to prepare for this if you’re gonna survive the next breach. If you use a random password and alias email you’re information should be unique. When the account is breached just delete the email and move on. Keep in mind an account for the government needs to be public and can get data breached. I wouldn’t worry about this. Worry about what you can control. If you have some information that is highly sensitive in the future you could always leave it offline the choice is yours. This space is always changing and our replies will become outdated so research this on your own in addition to asking questions I’m sure you’ll do fine. GL.