Critical passwords and access points that should be always a priority
- Devices Logon Information: if someone can access your device and log on to it, they will likely have access to multiple ways of reaching out other accounts, data and even replacing passwords in multiple services and locking you out of it, besides using them for the worst possible purposes, like draining your bank accounts, for example;
- E-mail Accounts: lots of services allow you to change your existent passwords (when you forget, for example), but sending you a verification link. If someone can access your e-mail box, they can read those messages and get access to those "password reset" links or any codes your bank or other institution might send you there!
- Phone Lines: Mobile or Fixed! If they can get access to your mobile line they can read verification texts sent to you through SMS or listen to codes sent by automated voice calls. Same applies to your landline and even if the service in question uses a human to call your home, if the bad person has just a tiny bit of information they can impersonate you and get what they need;
- Cloud / Operating System / Browser Accounts: Google, Apple and Microsoft provide you with very convenient services but, if someone has access to your user and password with any of those services, they will be able to access all passwords and services that you can use from their systems, like seeing all your passwords stored at Google Passwords, for example. Both Opera and Firefox had leaks in the past, and we're not 100% safe against future (or even unreported past ones) leaks on those services.
Always prioritize the items above when you're handling your personal data, on line or otherwise. Of course, keep your cash and bank cards somewhere safe and / or concealed, and consider getting insurance if you believe the premium cost is lower than the risk of having to use it.
If the worse happens 😭, do not negotiate with terrorists 😈. If someone already has bad information on you, nothing prevents them to use it anytime in the future, even if you pay 💸 (or kill 🔫) them. Just manage your losses, refuse paying ransom and move on 😢.
Prevention is always the best answer and, when talking about privacy, most of the times the only solution. Once your information is out there, there's nothing that you can do to erase it completely.
Off line backup on a device (external Hard Drive, SSD, Memory Stick etc) that's not connected to your computer or a network is essential to prevent losses to ransomware, or having a backup on a cloud service like OneDrive (if you're more worried about losing your data than having someone else able to replicate it, since those services usually restore deleted files if an invader removes them from their cloud).