ShareThis Page

Carnegie Mellon privacy clinic aims to help protect you from hackers

Aaron Aupperlee
| Thursday, Jan. 26, 2017, 9:30 p.m.

Hacked emails played a large role in last year's presidential election.

Yahoo announced last year the data of about 1.5 billion accounts was compromised in two separate data breaches.

And the Allegheny County District Attorney paid a ransom — about $1,400 worth of Bitcoins — to unlock documents and files targeted in a cyber attack.

Computers, cellphones, fitness trackers and other internet-connected devices are compiling more and more data about us than ever before, and that data can be under assault by hackers. Some of the top thinkers in data security at Carnegie Mellon University attempted to fight back Friday with a privacy clinic to celebrate International Data Privacy Day.

"It is difficult to do anything or go anywhere without having your personal information collected, both online and in the physical world," said Lorrie Cranor, co-director of CMU's Privacy Engineering Master's Program, a faculty member at CyLab, a cyber security research and education institute at the university, and a professor in the departments of Engineering and Public Policy and the Institute for Software Research. "Most of us really want to have some privacy, and it's really important to be educated about who is collecting our data and what we can do to protect our privacy."

At the privacy clinic, community members could talk with CMU students researching data security and learn more about ways their data is targeted and how to protect it. The clinic ran from 11 a.m. to 1 p.m. outside the Connan Room at the Jared L. Cohon University Center in Oakland.

Last year set a new record for data security breaches, according to a report issued this week by Risk Based Security, a Virginia-based company that tracks and provides data security. There were 4,149 data security breaches in 2016, the report stated . Those breaches exposed more than 4.2 billion records, about 3.2 billion more than the previous high set in 2013.

Emails and passwords were exposed in about 40 percent of the hacks, accord to the report. Credit card numbers were exposed in about 20 percent, and social security numbers in about 16 percent.

Cranor and her colleague, Norman Sadeh, also a co-director of the Privacy Engineering Master's Program and a faculty member at CyLab, shared their top five tips for keeping your data safe.

(1) Check the privacy settings on your smartphone. Many of your apps are unnecessarily collecting information about you and sharing it with third parties. By regularly reviewing your settings, you can turn off unwanted permissions and reduce the amount of information leaked by your apps.

(2) Be careful before opening unexpected emails, clicking links in these emails or opening attachments in emails. If unsure, verify that the email is coming from whom it claims to be coming before opening it or clicking on links. Phishing emails continue to be the source of many data breaches.

(3) Make sure to update all of your software and have the latest patches. Also make sure your anti-malware software automatically updates itself with the latest malware signatures. This will reduce your susceptibility to security and privacy compromises.

(4) Check your social network settings to restrict who can see your posts. If you have messages intended just for your friends, make sure you are not posting them for the whole world to see.

(5) Use strong passwords, and don't use the same password everywhere. It is OK to write down your passwords and store them in a safe place. Better yet, use a password manager and let it generate random passwords for you.

Aaron Aupperlee is a Tribune-Review staff writer. Reach him at aaupperlee@tribweb.com.

TribLIVE commenting policy

You are solely responsible for your comments and by using TribLive.com you agree to our Terms of Service.

We moderate comments. Our goal is to provide substantive commentary for a general readership. By screening submissions, we provide a space where readers can share intelligent and informed commentary that enhances the quality of our news and information.

While most comments will be posted if they are on-topic and not abusive, moderating decisions are subjective. We will make them as carefully and consistently as we can. Because of the volume of reader comments, we cannot review individual moderation decisions with readers.

We value thoughtful comments representing a range of views that make their point quickly and politely. We make an effort to protect discussions from repeated comments either by the same reader or different readers

We follow the same standards for taste as the daily newspaper. A few things we won't tolerate: personal attacks, obscenity, vulgarity, profanity (including expletives and letters followed by dashes), commercial promotion, impersonations, incoherence, proselytizing and SHOUTING. Don't include URLs to Web sites.

We do not edit comments. They are either approved or deleted. We reserve the right to edit a comment that is quoted or excerpted in an article. In this case, we may fix spelling and punctuation.

We welcome strong opinions and criticism of our work, but we don't want comments to become bogged down with discussions of our policies and we will moderate accordingly.

We appreciate it when readers and people quoted in articles or blog posts point out errors of fact or emphasis and will investigate all assertions. But these suggestions should be sent via e-mail. To avoid distracting other readers, we won't publish comments that suggest a correction. Instead, corrections will be made in a blog post or in an article.