While reviewing the list of what information was exposed in a particular company’s data breach with Credit Karma’s Identity Monitoring feature, you may find that you have a password that has been exposed online. Make sure to change it as soon as possible.
If the Identity Monitoring feature says that your password was exposed but doesn’t reveal which password it was, it’s because the password wasn’t provided to us. If we receive additional details about the breach, we’ll update our site with that information. In the meantime, confirm that you have different passwords for any accounts that contain sensitive info, such as your banking app or email account.
If you see passwords that you don’t recognize, there could be a few reasons why:
- It’s possible that the password is very old and you have forgotten about it.
- It may also be that the password is encrypted. We still think encrypted passwords are valuable for you to see if available, although we are unable to decrypt them for you.
- It’s possible that the account wasn’t created by you in the first place. Don’t panic! Go through the breached accounts listed on the Identity Monitoring page to cancel or change the passwords on any websites that you don’t recognize. (Note that sometimes certain info won’t be disclosed.)
We understand that seeing passwords that you don’t recognize may be alarming, but there are steps you can take to reduce your risk of identity theft, starting with creating a strong password for any new or existing accounts.
Learn more about how to create and protect a strong password.
You should also make sure you aren’t using the same password for more than one account, which could make it easier for a hacker to access your information. You should also reset any existing security questions or password hints and avoid reusing the same ones across multiple accounts.
You can read more about how you can protect yourself if your info has been exposed in a data breach.