The scenario: You're about to go on a 10 day road trip on which you're likely to need the use of your credit card. The day before you leave you try to buy gas and
You call your credit union and, because it's a small community bank, you talk to someone that actually knows you. "Were you buying groceries in Virginia?"
"Well, your credit card was. It's been canceled."
Now you know what it means to have been pwnd. (Still confused? That's what wikipedia is for.)
Our hypothetical victim had her credit card compromised as part of the Harbor Freight Tools breach. She got a letter a couple of months later. (And hypothetically wasn't offered credit monitoring or anything more than a, "Whoopsie daisy!")
The problem is breaches are becoming more and more common. And it's not just credit cards. Your password is a key part of your identity online and if you lose it the bad guys get to be you. That's not good.
To make matters worse, many people use the same password for all their sites. No, I won't ask you to raise your hands because you won't do it anyway. What I will tell you is you need to have different passwords on different sites or at least different classes of sites.
In other words, all your banking sites use a super-strong password. Your major ecommerce sites like Amazon and Apple get a different super-strong password. Your subscriptions to blogs (like this one) get a weak password. You get the idea.
If you want to find out if you have already been pwnd through one of the big breaches (and by big I mean 150 MILLION BIG) go to this site and enter your email address. It's safe, I promise.
If you want to see what it looks like for a non-pwnd and a pwnd address, go ahead and enter these:
Now, go and change your passwords. All of them. And if you have trouble remembering all your new passwords check out 1Password.
(For more information security tips click here.)