How to use ‘Find My Stolen Information’, Review!
털린 내 정보 찾기
Source: Korea Internet & Security Agency homepage
How to use ‘Find my stolen information’, reviews!
It can be seen as a world where personal information is becoming really important as the era of non-face-to-face is approaching. These days, you can see that we are living in a scary world where even if you lose your ID, you can get a loan.
4 simple ways to check my loan status
6 Ways to Avoid Cell Phone Tracking
Unsubscribe from unused websites all at once
To do so, there is a place that supports a service to find my stolen information. The service is conducted under the supervision of the following public institutions.
Personal Information Protection Committee
Korea Internet & Security Agency
This is how it is managed. I would like to introduce you to a site and a way to easily check if your personal information has been stolen. Please refer to it.
Table of Contents [Expand]
How to use the stolen my information search service
To use the service, you must go through the personal authentication process. As a prerequisite, you must have a personal email.
1. Visit the stolen My Information service homepage.
2. Click the [Check Leakage Status] item.
3. You must proceed with your personal authentication and agree to the terms and conditions.
(advertisement)
4. Enter your email address and mobile phone verification code.
5. Search results after entering ID and password
As above, you can easily find the stolen Find My Information by entering the ID and password you are using. Simple, right? In my case, there is no leak history yet.
How to manage secure passwords
Here’s how to manage passwords safely. Please refer to it.
(advertisement)
Passwords with specific patterns
Password with a specific pattern Repeating the same character Example) ‘aaabbb’,’12345’
A set of consecutively arranged characters on the keyboard Example) ‘qwerty’, ‘asdfgh’
Arrangement of the first or last number Ex) ‘security’,’security’
A password constructed based on personal information that can be easily known by a third party
Password including family name, birthday, address, mobile phone number, etc.
Password using user ID
Example) If the user’s ID is ‘KDHong’, set the password to ‘KDHong’ or ‘HongKD’
A password composed of dictionary words including Korean and English
Example) ‘Sealand’, ‘Angel 10’, ‘love’
Passwords that include the name of a specific person or a well-known word
Passwords that include specific names of computer terms, sites, companies, etc.
Passwords containing names of celebrities, celebrities, etc.
A password composed of numbers and English characters replaced with similar characters
Password including family name, birthday, address, mobile phone number, etc.
etc
A password that is initially set in the system or in the form of converting the pronunciation of the password Korean into English and the pronunciation of English into Korean.
Example) ‘Love’ in Korean is written as ‘SaRang’ in English, and the pronunciation of the English letter ‘LOVE’ is written as ‘Love’ in Korean
My Privacy Site Frequently Asked Questions
What is the Dark Web?
The dark web is a web that can be accessed only through a special browser, and is often used for black markets that are impossible to track due to its high anonymity and closedness.
Like the recent Nth Room incident, ‘personal information, counterfeiting, drug dealing, hacking information, sexual exploitation, etc.’ are being illegally distributed on the dark web, becoming a social problem.
Why should I check if my account information has been leaked?
The ID (ID) and password (PW) used on the website are personal information that can be easily identified by combining with other information.
Therefore, if account information is illegally distributed, it may be abused as a credential stuffing attack*, resulting in damages such as identity theft, fraudulent transactions, voice phishing, etc.
If it is recognized as a leak through this service, the user can quickly access the registered site and change the password to prevent secondary leak damage.
* Credential stuffing attack: Abusing the fact that users use the same ‘ID, PW’ across multiple online sites, illegally acquiring account information distributed on voiced sites such as the dark web, and account hacking brute force attack for
Where did you collect the leaked account information?
We are legally collecting information based on information that has been recognized and disclosed online, including the dark web and deep web*.
In particular, in November of last year, we are providing services by utilizing data applied with ‘one-way encryption technology’ to domestic account information (about 23 million cases) illegally distributed on the dark web, etc., and Google’s password safety diagnosis service (about 4 billion cases).
In addition, this service does not store ‘ID and password’ in plain text, but immediately uses one-way encryption (HASH) for safety and uses it only for the purpose of providing simple inquiry information.
* Deep web: A web where search and information access is restricted. Access is possible if you know the IP address or URL, but you need to grant access rights such as log-in (eg, corporate intranets or hacker forums, etc.)
Is the ‘e-mail address, user ID (ID), password (PW)’ entered for inquiry safely processed?
This service provides results so that the account information (ID, PW) entered by the user can be inquired and confirmed whether or not there is a leakage history.
The information entered by the user is one-way encrypted (HASH) and destroyed immediately after inquiry, or the e-mail address for identity verification is stored and destroyed until midnight the next day, and data for comparison and contrast is also safely processed and stored with HASH, so you can use it with confidence. Please.
Where did my account information get leaked?
In most cases, it is impossible to verify the source of account information that is illegally distributed on voiced sites such as the dark web.
In particular, attackers such as hackers collect personal information from various websites illegally posted online, or artificially create and illegally distribute incorrect personal information for the purpose of obtaining money, and use it in combination with advanced hacking techniques. As a result, the process of specifying the outflow path is more difficult.
Through 「Find My Information Lost Service」, the result of ‘Leakage History’ was confirmed. What action should I take?
If there is a history of leakage, you can immediately change your password to prevent secondary leakage damages such as ‘identity theft, fraudulent transaction, voice phishing, etc.’
In particular, it is recommended to change to a secure password by referring to the ‘Password selection and usage guide’ posted in the notice.
If you suspect identity theft or if it is difficult to withdraw from membership because you do not know your ID and password, please use the ‘ePrivacy Clean Service (www.eprivacy.go.kr)’ operated by the Personal Information Protection Commission. o Since the above service provides a service for handling membership withdrawal, users are requested to safely manage their personal information by withdrawing membership from websites that have not been used or accessed for a long time.
(advertisement)
Can I exercise my right to request to view/correct/delete personal information processing regarding the leaked account information?
In principle, it is subject to the exercise of the right to read, but in accordance with Article 35, Paragraph 4, Item 2 of the Personal Information Protection Act, access may be restricted or denied.
For reference, this service does not store account information (only HASH values are saved), so it cannot be deleted, and input values for comparison and contrast within the service are deleted immediately.
Please refer to the method and explanation and prevent damage in advance.