Interview: Troy Hunt on Handling Data Breaches with 'Have I Been Pwned'
Data breaches seem routine these days, but they’re especially concerning when they involve personal information, such as names, addresses, social security numbers, usernames, and passwords.
It’s all floating around on the web for anyone to see. So, what do we do?
Recently, I had cybersecurity expert Troy Hunt on my radio show. He runs a website called Have I Been Pwned. It’s a way to check if your information is involved in a data breach. You can also get alerts when your info appears in a new data dump.
In the interview, I ask how the website works, what the best ways to protect our personal information are, and whether signing up for one of those personal information removal services is worth it. See the key takeaways below!
1. Troy Hunt created a website called "Have I Been Pwned" that lets you check if your personal information has been exposed in data breaches. "Pwned" is a gaming term that means "owned" or compromised.
2. The site collects data from many breaches. You enter your email and it tells you which breaches your info was in, like Dropbox or LinkedIn.
3. Troy says the #1 security tip is to not reuse passwords. Password managers help keep passwords strong and unique.
4. Data breaches often happen when hackers try email/password combos from one site on other sites, a technique known as credential stuffing. Reusing passwords makes you vulnerable.
5. You can sign up to get alerts when new breaches include your email. The AT&T data is already on the site, but the Roku data is not there yet.
6. Getting rid of passwords is hard. Alternatives like security keys exist but are harder for average people to use. Passwords are still dominant because everyone understands them.
7. Services that claim to remove your data usually only remove it from less dangerous marketing lists, not from the breached databases that hackers hold.
8. In essence, the site helps inform people about breaches so they can take steps to protect themselves, mainly by using unique passwords.