What is a breach?
A data breach occurs when an unauthorized party gains access to information that is usually sensitive or confidential. In many cases this data is then distributed and/or sold to other parties for malicious intent.
Breaches can be classified by what information was stolen. Common breaches include personal health information, personally identifiable information, trade secrets and intellectual property.
A breach can be as unsophisticated as an unauthorized person looking at someone else's computer screen, or as complex as an organized computer crime group attacking a large service provider. The information exposed in a breach varies. Common data that is targeted include email addresses, passwords, Social Security Numbers, credit card information, and bank account numbers.
What does the WBL Breach Monitoring Service do?
Our service monitors various sources that report breaches and what information was contained within those breaches. Our platform then scans the breaches to see if your information (e.g. email address) was found in that data. We can then alert you as soon as possible so you can take action to protect yourself.
What does this service cost?
It's simple - $1 per month, per email address. You can cancel at anytime, and bulk pricing is available for more than 50 email addresses.
What data do you have about me?
For security reasons, we do not have nor hold any of the actual breached data. For this reason, we cannot fulfill requests such as "can you show me the exact data from the breach that contained my information?". In an effort to hold as little information as possible (additionally reducing the risk of exposure for our members), we simply cannot and will not provide this type of information.
Additionally, we make a conscientious effort to ask for and store the least amount of information about our users and still allow our service to be useful. Robust, industry standard, security protocols are met or exceeded.
Who can see that I've been leaked?
Only you, or someone you authorize, can see that you were located in a breach. At no time do we fulfill informational requests from unauthorized and unverifiable sources, except when required to do so by law. In other words, we are not a service where you can request if your spouse/partner was involved in a breach. Nor are we a service where you can illegally purchase/obtain breached data for nefarious purposes. We are very serious about helping people, and any such activity would be a violation of what we stand for.
When a business member adds an email address to be monitored, we automatically generate an authorization email to that email address. This authorization email must be retrieved and clicked prior to any monitoring being activated. This prevents someone from monitoring your email address without your knowledge and consent. This authorization can be revoked at any time by simply emailing us from the email address question with the subject line of Authorization Revocation. Please send revocation requests to service at wisconsin buy local dot com. Requests may take up to 3 business days to be processed. You'll receive a confirmation email once the revocation has been processed.
What can I do after being leaked?
After a data breach happens, what was breached and timing is important.
Some breaches include just your email address -- and just revisiting your Spam filtering is enough.
When passwords are involved, your best course of action is typically to immediately change your password and to review your password strategy.
Other breaches can contain much more sensitive information where you'll want to seek professional assistance, sometimes in the form of changing credit cards or setting up credit monitoring.
Each breach requires some thought and a proportionate response. When in doubt, seek professional assistance.
What are the common breach types?
Common breaches can include, but are not limited to the following types of information:
- Email Addresses
- User Names
- Phone Numbers
- Email Messages
- Credit / Bank Cards
- Bank Accounts
- Instant Messaging Conversations
- IP Addresses
- Ages / Birthdays
- Website Activity
- Job Titles
- Physical Addresses
- Salary / Income Levels
- Credit Scores
- Family Structure
- Vehicle Details
- Buying Preferences
- Charitable Donations
- Political Donations
- Home Ownership Status
- Marital Status
What is a Sensitive Breach?
We strive to protect the privacy of our users. Some breaches are deemed sensitive in nature due to the origin of the breach data (e.g. adult website) or the data contained within the breach.
When a breach is deemed Sensitive, we will not scan the data within that breach to provide individual alerts for our users. Instead, we will merely alert all our users that a sensitive data breach has occurred with the specific provider. In other words, we will not tell you (or someone you authorize) whether you are found within the sensitive breach or not. Users can privately make a logical connection themselves if they were a member/user of the breached service.
How can I protect myself?
In today's digital world with a constantly changing security landscape, it can be very difficult to protect yourself against getting breached. Even if you had no email address, no social media accounts, and didn't event own a computer or smart phone -- you are still at risk. Countless businesses hold data about you. Just to name a few: credit agencies, lenders, your grocery store, and governmental entities.
Aside from our breach monitoring service for our business members, some common best practice strategies include:
- Only provide information to sources that you trust.
- Use two-factor authentication when available (e.g. a password AND a special single-use code sent to your phone).
- Don't reuse passwords between different services and sites.
- Setup free or premium credit monitoring.
- Use common sense -- there are a lot of scams out there.
Do you sell info to 3rd parties?
Absolutely not - period.
We strive everyday to protect our members' privacy and confidentiality. We do not provide information about our members to external parties, except when required to do so by law enforcement. And remember, because we do not hold any details of what was actually contained within a breach, we do not have any details to share.
At times we may work with an industry partner to provide offers to our members, but we will present any such offers directly to you without the partner receiving any information about you or your account with us.
Is my information safe with you?
While no service provider can guarantee that your information is absolutely, without a doubt, 100% safe, we've designed our business and application with security in mind.
We collect minimal information from our customers, adhere to or exceed industry standard security practices, and store as little information as possible.
How frequent are new breaches?
It can be hard to judge just how often new breaches actually occur because some go unnoticed or unreported for substantial periods of time. There have been unusually quiet periods where we don't see a new breach for a month, and other times we see reports of multiple breaches being discovered in a single day. With the bad guys constantly wanting data to mine, sell and gain from, data breaches are going to be an issue, unfortunately, for the foreseeable future. We'll do our best to help you monitor what's going on out there.
Is there an API?
Not at this time.
If you have interest in an API, please feel free to contact us with your needs and/or ideas.