On Fri, Feb 22, 2019 at 2:04 PM Udhay Shankar N <[email protected]> wrote:
> 1. Log out all gmail/facebook/other social sessions (Most providers give > you the option to "log out all current sessions") > 2. Change all the passwords of pwned email addresses > 3. Enable 2FA EVERYWHERE that supports it. Ideally, with a hardware token > such as a yubikey. > Additionally, I'd also suggest you log in to your various (potentially) compromised accounts, check under security setting to see if the backup email address (where password reset notifications are sent) and backup phone number have been tampered with. -- ((Udhay Shankar N)) ((udhay @ pobox.com)) ((www.digeratus.com))
