Technologies

5 Ways to Help Lock Down Your Data After PayPal’s Data Breach

PayPal is the latest company to investigate a digital breach. You can’t prevent these incidents, but here are ways to protect yourself online.

PayPal is the latest company to report a data breach, but it’s certainly not the only one. With cyber threat actors targeting big corporations, software companies and even apps on your phone, your personal data could be at risk. If your private information has been compromised, you often won’t learn about it until a company notifies you about a data breach. By that time your birthday, Social Security number, credit card number or health records will have already been exposed or stolen. (Here’s what to do if you think your Social Security number was stolen in the PayPal breach.)

Any stolen information that leads data thieves to your identity can let hackers do everything, from making purchases and opening up credit accounts in your name, to filing for your tax refunds and making medical claims posing as you. Billions of these hacked login credentials are available on the dark web, neatly packaged for hackers to easily download for free.

You can’t stop sites from getting hacked, but after a cyberattack, monitoring tools can alert you to which of your stolen credentials are out on the dark web, giving you a running start at limiting the damage the thieves can do. Here’s how to use two free monitoring tools — Google’s Password Checkup and Mozilla’s Firefox Monitor — to see which of your email addresses and passwords are compromised so you can take action.

Steps you can take before a data breach

First, use a password manager that creates unique passwords for each of your logins and make sure you are following password best practices. That way, if one site gets breached, your stolen password won’t give hackers access to your accounts on other sites. A good password manager can help you administer all your login information, making it easy to create and use unique passwords.

And once you find out a company or service with your credentials has been hacked, change that password, regardless if you are notified that your information was exposed in the data breach or not. You don’t want to wait days to act while the company works to uncover the extent of the hack.

How to use Google’s Password Checkup

As part of its password manager service,Google offers the free Password Checkup tool, which monitors usernames andpasswords you use to sign in to sites outside of Google’s domain andnotifies you if those login credentials have been exposed. (You mayremember Password Checkupwhen it was a Chrome extension you had to add separately to Google’sbrowser. This is the same tool folded into Google’s password manager.)

1. If you use Google’s password service to keep track of your login credentials in Chrome or Android, head to Google’s password manager site and tap Go to Check passwords.

2. Tap Check Passwords and verify it’s you.

3. Enter the password for your Google account.

4. After thinking for a bit, Google will display any issues it’s found, including compromised, reused and weak passwords.

5. Next to each reused or weak password is a Change password button you can tap to pick a more secure one.

How to use Mozilla’s Firefox Monitor

Mozilla’s free Firefox Monitor service helps you track which of your email addresses have been part of known data breaches.

1. To start, head to the Firefox Monitor page.

2. Enter an email address and tap Check for Breaches. If the email was part of a known breach since 2007, Monitor will show you which hack it was part of and what else may have been exposed.

3. Below a breach, tap More about this breach to see what was stolen and what steps Mozilla recommends, such as updating your password.

You can also sign up to have Monitor notify you if your email is involved in a future data breach. Monitor scans your email address against those found data breaches and alerts you if you were involved.

1. Near the bottom of the Firefox Monitor page, tap the Sign up for Alerts button.

2. If you need to, create a Firefox account.

3. Tap Sign in to see a breach summary for your email.

4. At the bottom of the page, you can add additional email addresses to monitor. Mozilla will then send you an email at each address you add with a subject line «Firefox Monitor found your info in these breaches» when it finds that email address involved in a breach, along with instructions about what to do about following the breach.

How else to watch for fraud

Besides using the tools from Mozilla and Google, you can take a few more steps to watch for fraud.

View your digital footprint. Bitdefender provides a dashboard with its Digital Identity Protection subscription that shows where your personal information has appeared online. It also pinpoints data breaches where your info has been leaked in the past, notifies you when your personal info appears in breaches going forward and provides recommended steps to secure your data. It also tells you whether your info is on the dark web and lets you know if someone appears to be impersonating you on social media.

Monitor your credit reports. To help you spot identity theft early, you can request one free credit report a year from each of the three major credit bureaus — Equifax, Experian and TransUnion — to check for unfamiliar activity, such as a new account you didn’t open. You should also check your credit card and bank statements for unexpected charges and payments. Unexpected charges can be a sign that someone has access to your account.

Sign up for a credit monitoring service. To take a more active hand in watching for fraud, sign up with a credit monitoring service that constantly monitors your credit report on major credit bureaus and alerts when it detects unusual activity. With a monitoring service, you can set fraud alerts that notify you if someone is trying to use your identity to create credit. A credit reporting service like LifeLock can cost $9 to $24 a month — or you could use a free service like the one from Credit Karma that will watch for credit fraud but not ID fraud, such as someone trying to use your Social Security number.

For more on how to keep your data secure, see our guides on how to protect your phone’s privacy, the best VPN services and why you should never trust a free VPN.

Technologies

Researchers Discover 18 Popular VPNs Are Connected: Why This Matters

All are owned by 3 separate groups but CNET’s recommended VPNs are not on the list

Virtual private networks are popular ways to keep your online activity private and hide your physical location from your internet service provider and apps. But it’s obviously important to choose a safe and secure VPN.

Three university researchers have discovered that 18 of the most widely used VPNs have shared infrastructures with serious security flaws that could expose customers’ browsing activity and leave their systems vulnerable to corrupted data. These VPNs are among the top 100 most popular on the Google Play Store, comprising more than 700 million downloads.

Read more: Best VPN Service for 2025: Our Top Picks in a Tight Race

The peer-reviewed study by the Privacy Enhancing Technologies Symposium found that these VPNs, despite calling themselves independent businesses, are actually grouped into three separate families of companies.

None of CNET’s recommended VPNs — ExpressVPN, NordVPN, Surfshark, Proton VPN and Mullvad — are on the list. (If you currently don’t have a VPN, here’s why you might want to start using one.)

According to the findings, these are the three groups that contain the 18 VPNs:

Family A: Turbo VPN, Turbo VPN Lite, VPN Monster, VPN Proxy Master, VPN Proxy Master Lite, Robot VPN, Snap VPN and SuperNet VPN
Family B: Global VPN, Inf VPN, Melon VPN, Super Z VPN, Touch VPN, VPN ProMaster, XY VPN and 3X VPN
Family C: X-VPN and Fast Potato VPN

Researchers determined that the VPNs in Family A are shared between three providers linked to Qihoo 360, a firm identified by the US Department of Defense as a Chinese military company. The VPNs in Family B use the same IP addresses from the same hosting company.

Know your VPN’s parent company

It’s a cautionary tale about why it’s important to know who’s behind the VPN you’re using, says CNET senior writer Attila Tomaschek.

«It’s also crucial to know what kinds of data the VPN provider is sharing with its parent company and affiliated entities,» Tomaschek said. «Some of these companies may even be compelled to log customer activity and share it with authorities, depending on the jurisdiction in which they operate.»

Despite the warnings, Tomaschek says it’s not so easy to figure out who controls your VPN. But he says there are measures that customers can take.

«Users can do a few things to help ensure the VPN they’re using is reputable,» Tomaschek says. «Check the privacy policy — specifically for terms like ‘logging,’ ‘data sharing’ or ‘data collection.’ A Google search of the provider can help determine whether the VPN has been involved in questionable activity. Read detailed, unbiased reviews from reputable sources. Be especially wary of signing on with a free VPN, even if it’s listed as a top choice in your app store.»

The PETS researchers examined the most downloaded VPNs on Android, looking for overlaps among business paperwork, web presence and codebase. After identifying code similarities, they were able to group the 18 VPNs into three groups. The study was initially spurred by VPN Pro’s own findings, «Who owns your VPN? 105 VPNs run by just 24 companies.»

CNET’s Tomaschek has advice for anyone who has been using one of these 18 VPNs.

«I’d recommend deleting it from your device immediately,» he said. «If you suspect that any sensitive personal data may have been compromised, it’s a good idea to keep an eye on your credit report and look into services like dark web monitoring or identity theft protection.»

Technologies

Today’s NYT Connections: Sports Edition Hints and Answers for Sept. 6, #348

Here are hints and the answers for the NYT Connections: Sports Edition puzzle for Sept. 6, No. 348.

Looking for the most recent regular Connections answers? Click here for today’s Connections hints, as well as our daily answers and hints for The New York Times Mini Crossword, Wordle and Strands puzzles.

Today’s Connections: Sports Edition was a stumper. But if you play cards, the green group is a fun one for sure. If you’re struggling but still want to solve it, read on for hints and the answers.

Connections: Sports Edition is published by The Athletic, the subscription-based sports journalism site owned by the Times. It doesn’t show up in the NYT Games app but appears in The Athletic’s own app. Or you can play it for free online.

Read more: NYT Connections: Sports Edition Puzzle Comes Out of Beta

Hints for today’s Connections: Sports Edition groups

Here are four hints for the groupings in today’s Connections: Sports Edition puzzle, ranked from the easiest yellow group to the tough (and sometimes bizarre) purple group.

Yellow group hint: Racket time.

Green group hint: Ante up!

Blue group hint: NY signal-callers.

Purple group hint: Coach’s CV.

Answers for today’s Connections: Sports Edition groups

Yellow group: Tennis statistics.

Green group: Poker variants, familiarly.

Blue group: Giants QBs, past and present.

Purple group: Teams coached by Lane Kiffin.

Read more: Wordle Cheat Sheet: Here Are the Most Popular Letters Used in English Words

What are today’s Connections: Sports Edition answers?

The yellow words in today’s Connections

The theme is tennis statistics. The four answers are aces, double faults, unforced errors and winners.

The green words in today’s Connections

The theme is poker variants, familiarly. The four answers are hold ’em, horse, Omaha and stud.

The blue words in today’s Connections

The theme is Giants QBs, past and present. The four answers are Manning, Simms, Tittle and Wilson.

The purple words in today’s Connections

The theme is teams coached by Lane Kiffin. The four answers are Mississippi, Raiders, Tennessee and USC.

Technologies

Hollow Knight Silksong Guide: Read These 11 Tips Before Starting

Need help finding rosaries and maps? Here are 11 tips to help you begin your journey.

The indie gaming classic Hollow Knight’s long-awaited sequel, Silksong, is here. Just like the 2019 original, the new game is mysterious and labyrinthine. I’m having an absolute blast playing it, but there are a lot of quirks and challenges you’re going to have to face.

Here are 11 tips to help you navigate the first couple hours of the exciting — and difficult — Silksong.

Read more: I Played Silksong on the ROG Xbox Ally X and I’m Ready for More

11 Hollow Knight: Silksong tips for beginners

Early rosary cache

Rosaries are this game’s version of currency, which you can use to buy amulets and maps from early game merchants. If you die, you’ll have to recover them from your corpse in order to collect what was lost. In the opening area of the game, you can find a rosary cache to give your wallet a boost early on. Right before entering Bone Bottom, there’s a hole to drop down. Hold left as you fall and you’ll find a bone wall you can break. Here you’ll find your reward.

Learn the pogo

Bouncing off enemies is an early way to double jump. To do it, hold down while attacking in the air. It’s much harder to pull off than it was in Hollow Knight due to Hornet’s attacks, which are angled diagonally rather than straight down. However, if Silksong is anything like the first, you’ll be expected to master this technique in order to find and unlock everything in the game — there could be secret areas that can only be reached or bosses that can only be defeated with this technique. Make sure to master this skill early on.

First spool fragment and shortcut

After meeting Shakra, the map merchant, head left into the next screen. There is a flying enemy near the far left wall. Use the pogo jump technique off of them to reach and exit the room in the top left corner. If you kill the enemy, simply leave the area and rest at the nearby bench to respawn them (benches also save your game). After reaching the next room, drop down the first hole. There’s also a rosary cache to your right as you descend. Continue down until you reach a lever, which activates the elevator, giving you a shortcut back to Bone Bottom.

From the top of the elevator shaft, head right. You’ll also see an enemy glowing green below you as you progress. It holds a Moss Berry, and in order to get it, you’ll either have to keep pogo attacking them or fall and slash repeatedly. You can use your new elevator to keep ascending back up if you fall down.

Eventually, you’ll find another cache of rosaries hanging in a small room, but be careful, as they’re boobytrapped with spikes right underneath. However, these spikes only activate once, so you can just wait for them to disappear. Attack the wall in the bottom left of this room to open a secret door that leads to the Spool Fragment — you’ll want to prioritize collecting these, as they increase your max silk capacity.

Buy the first four items from Shakra

Maps are extremely useful in Silksong, so buy them whenever you have the chance. When you first meet Shakra, they’ll have two for you. In addition, you can also buy the Quill and Compass. These will help fill in the map and, if equipped, show your location. Try and grind out enough cash to buy all four of these items. If you’re low on funds, the enemies in the area to your left will drop around five rosaries each, and there’s a nearby bench you can sit on to keep respawning them.

If you followed my advice and collected the Spool Fragment above, you should have more than enough currency to buy all four.

View the entire map

Holding down LB (on Xbox) will bring up the map of your current area. In order to see the entire area, and how each section connects to one another, double tap LB instead.

Choral Commandment

You can find a Choral Commandment, which can be given to a certain collector later on, shortly after encountering Shakra. Climb upwards from their position and to the left. Up again past the lever and there is a breakable wall immediately left of you.

Moss Druid

Right after obtaining the Silk Spear technique, head to the bottom right corner of the room and destroy the webs with your new skill. Inside and past the right exit is Moss Druid (and a save bench) who will give you your first side quest of finding three moss berries. If you found one early on, and a second one that I mentioned while going for the Spool Fragment, you can collect a third just below them by dropping down the hole left of the bench and past a hidden wall in the bottom right corner of the room. Finishing this side quest will earn you an achievement.

Easier healing

Unlike in Hollow Knight, you don’t need to hold down the bind button (B on an Xbox controller) to heal. In Silksong, you simply need to tap it once you have enough silk. This will grant you three pips of life back. You can also heal while in the air, so take advantage of it when landing could mean your death.

Different types of equipment

Hollow Knight only had one type of equipment, but Silksong has four. They’re distinguished by colors: white, red, blue and yellow. White is for your spells, such as the Silk Spear, red is for tools, blue holds amulets, and yellow is for additional items, such as the compass. You can only equip one of each at a time (at least for now).

How to defeat the Bell Beast

The first real boss fight of the game is the Bell Beast and it’s located shortly after collecting the Silk Spear skill.

The Beast has three main attacks. The first will see either side of the ground rumble followed by the Beast surfacing and charging toward you. Simply jump over it and do a pogo attack as it passes. The second attack begins like the first, with the ground on the side of the arena rumbling, but this time the Beast will launch into the air and arc over you. It’s very easy to just walk the opposite direction to avoid getting crushed. You can also quickly counter and get in two attacks while it tries to get unstuck from the wall. The last attack will start a little differently — this time the center ground will rumble. The Beast will pop up and launch two bell projectiles horizontally. To dodge, just hop over the bell.

When you’ve whittled the boss’s health down halfway, the Beast will surface and scream, shaking the whole area. This will cause bells to start dropping down from the ceiling while you continue the fight. They’re pretty easy to avoid since they only bounce once before disappearing. Simply hop over them as you continue the pattern of attacking and dodging the Beast’s three attacks.

Unlocks after the Bell Beast

After defeating the Bell Beast you get an achievement and a silk heart. This will regenerate a little bit of silk automatically after every use. After falling in combat, the Bell Beast will also have a change of heart and become your mode of fast travel.

Make sure to revisit Bone Bottom once you’re victorious as you’ll now be able to take on additional side quests from a sign in town.

Hopefully these tips give you a better grasp of the dangerous and complex world as you begin your adventure in Silksong.