there's a good chance your data has been hacked, leaked, or stolen.

你的資訊很可能已被駭入、洩漏或盜取。

Over a billion users were affected by data breaches in 2018,

2018 年超過十億用戶受到資料外洩的影響，

and it seems like there are reports

這看來是每週

of new hacks every week.

都有新的被駭事件。

Can you even use the internet

你還能使用網路

without your information eventually leaking?

卻能避免你的資訊被洩漏嗎？

What's going on with your data?

你的資訊到底怎麼了？

We trust companies with a lot of our data.

我們將自己的資訊交付給這些公司。

Unfortunately, we don't always know how

不幸的是，我們無法得知

the data's being used or if it's protected.

這些資訊被如何運用或是否受到保護。

Third parties accessing your information

第三方能接觸的你的資訊而

without your permission is never good.

不需你的允許是無益的。

But there are actually a bunch of ways

但事實上你的資訊有

your information can be exposed.

一堆被洩漏的方法。

Large data breaches can leak data from multiple companies,

大量數據外洩會洩漏出許多公司的資訊，

often containing information of millions of users.

其中多數含有數百萬用戶的資訊。

In 2018, a leak called Collection #1

2018 年，一份名為 Collection #1 的外洩資訊

was released on the file-hosting site Mega.

被發佈在 MEGA 雲端空間上。

Collection #1 contained millions of passwords

Collection #1 內含數百萬的電子信箱、

and emails all collected from previous data breaches.

密碼，全都是從先前外洩的數據中蒐集來的。

But sometimes the attacks are more specific.

但有時，這些攻擊是有針對性的。

Hackers often target individual companies

駭客通常會鎖定各個公司

to gain access to their user data.

好取得它們公司用戶的資訊。

The largest hack so far was the Yahoo hack.

目前最大宗的駭客入侵事件是 Yahoo 數據外洩。

In 2013, 3 billion user accounts were compromised.

2013 年，三十億筆用戶的帳戶資訊遭到威脅。

The breach included user phone numbers,

被洩漏的有用戶的電話號碼、

birth dates, and even security questions and answers.

生日，甚至還有安全問題和答案。

Even though that breach happened in 2013,

儘管資訊是在 2013 年外洩的，

users didn't know the full scale until three years later.

用戶們直到三年後才知道洩漏的規模。

More recently, T-Mobile was targeted by hackers

不久前， T-Mobile 公司遭到駭客鎖定，

who stole the data of 2 million users.

他們盜走兩百萬用戶的資訊。

These types of hacks are all too common nowadays.

這類型的駭客攻擊在如今已是司空見慣了。

But it gets worse.

但這可能會惡化。

Third parties can have access to your data

第三方就算沒有駭客攻擊

even if there was no hack.

也能取得你的資訊。

When you sign into an app or a game with Facebook,

當你用臉書登入某個 app 或遊戲中，

you're sharing some of your data,

你就分享了一些你的資訊，

and it's hard to know how the data you share

而且也很難得知你所分享的資訊是

is being used or who has access to it.

被作何用或是誰取得的資訊。

In 2015, the app This Is Your Digital Life

2015 年，「這是你的數位生活」app

shared user data with third parties

將用戶資料洩漏給類似像

like Cambridge Analytica.

「劍橋分析」第三方。

Facebook gave the app access to user-profile data

臉書授權 app 取得用戶個人資料數據

and information on subjects each user was interested in.

以及用戶有興趣的主題資訊。

Users of the app had no idea this data was being used,

app 的用戶對於這些資訊被取用完全不知，

and in April, Business Insider reported

四月時，商業內幕網站報導出

that Facebook had unintentionally uploaded

臉書無意中便將一百五十萬用戶的

1.5 million email contacts without user permission.

信箱未經允許地上傳了。

Facebook has even been criticized for using phone numbers

臉書也因用電話號碼取代

used to verify passwords to instead target ads,

目標廣告來驗證密碼而飽受批評，

taking something that was supposed to be used for security

它取得本該應用在安全性上的東西，

and using it to improve ad tracking.

並用它來改善廣告偵測

Sometimes there isn't even malicious intent,

有時甚至沒有惡意意圖在其中，

just negligence.

有的只是忽視。

In 2018, The Wall Street Journal reported

2018年，華爾街日報報導

that a bug in Google Plus could have exposed

Google+有個程式錯誤可能會導致

the data of hundreds of thousands of users.

數以萬計用戶的資訊被洩漏。

Google claims no user data was misused,

Google 所有用戶的資料都沒有被濫用，

but they failed to disclose this issue for months.

但他們幾個月來都沒能公佈這個問題。

OK, so this type of thing happens a lot,

好吧，所以這類的事層出不窮，

and your data is probably out there.

而你的資訊大概已流落在外。

But how does this actually affect you?

但這對你會有何實際影響呢？

At best, it doesn't.

最好的情況是，沒有影響。

If your email address is leaked, for example,

例如，若你的信箱被洩漏了，

there isn't much that hackers can do

駭客沒有另一項資訊的話，

without having other information.

也拿你別無他法。

But it gets worse when more private information is exposed.

但若是更多私人訊息被洩漏了，情況就會惡化。

If passwords and emails are leaked,

若密碼和信箱被洩漏了，

you're at risk of having your account stolen

你就有帳號被竊取或

or accessed by someone else.

被他人讀取的風險。

And depending on where the data came from

且根據資訊的來源處和

and how often it was used,

它被利用的頻率，

it could mean someone now has access

這代表某人目前正在存取登陸

to your email login, online bank accounts,

你的信箱、網路銀行帳戶或者

or other very sensitive data.

其它極為敏感的資訊。

The worst-case scenario can include things like

最壞的情形可能有

credit-card fraud and identity theft.

信用卡詐欺和身份盜用。

These breaches have serious impacts

這些漏洞對一間公司而言除了有負面公共關係外，

beyond bad PR for a company,

也帶來嚴重的影響

and they're actually getting worse.

且事實上越來越惡化了。

The number and size of data breaches

資訊洩漏的數量和規模

has skyrocketed in the last decade.

在過去十年疾速攀升。

According to research from Norton Lifelock,

根據諾頓防毒軟體，

more than a billion adults

有超過十幾億的成人

have been the victim of a cyber crime.

已成為網路犯罪的受害者。

OK, so at this point, you're probably a little freaked out

好吧，這個時候你大概有些嚇壞了，

and are wondering what you can do to protect your data.

且在思考該如何保護好你的資訊。

Here are a few tips that don't take a lot of time

這裡有幾個不花多少時間

but can have huge security benefits.

但對安全性大有助益的技巧。

First, check if your data has been leaked.

首先，檢查你的資訊是否有被洩漏。

The website Have I Been Pwned

「Have I been pwned?」這個網站

has a database of information that has been exposed.

有著已被洩漏資訊的資料庫。

You can input your info like an email address

你可以輸入類似像電子信箱或

or old passwords to see if that data has been leaked.

舊密碼來查看資訊是否有被洩漏。

If it has, change those passwords right away.

若已被洩漏，馬上更改那些密碼。

Speaking of passwords,

說到密碼，

using the same password for everything is a horrible idea.

每件事情都用同一個密碼是件可怕的想法。

If one account is compromised,

若一個帳號受到威脅了，

all of your accounts will be at risk.

你所有的帳號都處於風險中。

Instead, use a password manager, like LastPass

相反地，可以用密碼管理員，例如 LastPass 或

or 1Password.

1Password。

A password manager securely stores your passwords

密碼管理員可以安全地保存你的密碼，

and can help you generate unique ones

且能幫你生成特殊的密碼

that are hard to crack with brute-force hacking.

這種密碼很難用暴力攻擊法破解駭取。

Additionally, setting up

此外，為你的

two-factor authentication for your accounts

帳戶設定雙重認證

can prevent someone who has that password

能防止持有你的密碼的人

from accessing that account.

存取登入帳戶。

If you're feeling overly vulnerable or paranoid,

若你覺得自己太過不堪一擊或偏執，

you can even purchase a device like YubiKey

你還可以購買 YubiKey 這類的裝置，

to add even more security to your accounts.

好增強你的帳戶的安全性。

Even something as simple as keeping your apps

就算只是讓你的 app 和

and computer up-to-date

電腦保持最新狀態

can help prevent malicious attacks.

也對防範惡意攻擊有幫助。

Next, turn off ad tracking when available.

接著，可以時關掉廣告偵測。

We give a lot of information to online advertisers

我們在不知情的狀況下給了

without even knowing it,

線上廣告商許多資訊，

but some services give users the option

但有些機構給了用戶選擇權去

to limit what is being shared.

限制被洩漏的資訊。

If you wanna go even further,

如果你還想做更多，

you can use a browser like Firefox Focus,

你可以用像 Firefox Focus 這類的瀏覽器，

which acts as always-on incognito mode,

該瀏覽器總是維持著無痕模式，

enabling a private-browsing session

與傳統瀏覽器相比，

that shares and retains less data

它的私密瀏覽會話能

than traditional browsers.

共享和保留較少數據。

Finally, using a paid VPN can hide your internet traffic

最後，使用付費版的 VPN 可以從第三方隱藏

and IP address from third parties.

你的網路行蹤和 IP 地址。

A VPN can also protect your data

VPN 也能在你使用

when you're using public WiFi.

公共 WiFi 時保護你的數據。

It will encrypt your data,

它會把你的資訊加密，

making it much more difficult for anyone to steal it

這會讓人更難從

from an open network.

開放網路中竊取它

If you think sensitive data has leaked

若你認為敏感的資訊已被洩漏，

that could allow for fraud or identity theft,

並可能被詐欺犯或身份盜竊使用，

be sure to contact your credit-card company

請務必聯絡你的信用卡公司和

and credit-reporting bureaus.

信用報告機構。

You can also monitor your credit yourself

你也可以透過類似像 Credit Sesame 的平台來

via sites like Credit Sesame,

監控你的信用卡，

which will alert you if there are any inquiries，

如果你的信用卡有任何問題

into your credit.

它會提醒你。

This is a lot, I know.

這些資訊很雜，我知道。

Being on the internet means

上網代表我們

we're always sharing some kind of data.

永遠都在分享各式各樣的資訊。

You can't stop a company from getting hacked,

你無法阻止公司被駭入，

but you can limit how much information you share.

但你可以控管要分享出多少的資訊。