Weeks of the data leaks

Looks like we have the Weeks of the data leaks:

My approach after data breaches or data leaks is always to create a new password for the service and tag the email address used for the service. And I strongly separate between logins for private and business usage.

Why tag the email address?

I’m using for each service a unique email address with a unique password. It does not matter if this is a login for LinkedIn or a login for an online shop or a login for something else. To handle some hundred unique email addresses, I’m using email aliases and not Catch-all filters. This guarantees that the email address must exist (as virtual address) on the mail server.

For example, an email alias for a service (Twitter, LinkedIn, Heise, …) can look like this:

Example email alias for a service

In case a service has a data leak or data breaches, I’m changing the email alias to:

Example email alias for a broken service

With this method, I’m able to identify that the service was breached and on which date the service was breached. I’m also adding some notes or web sites with additional information about the data breach or leak.

And I’m also requesting a GDPR - General Data Protection Regulation to the affected service for an impact assessment. Note: I sent my GDPR Request to LinkedIn on April, 8th 2021…