For years, I hardly thought about my online privacy. Like many others, I figured: “I’m just a regular user. What could really happen?” That all changed after a conversation with Collin — someone who calmly but clearly opened my eyes to the risks of the internet.

During our talk, I told him I once watched a movie on an illegal streaming site. Not something I’m proud of, but at the time it seemed harmless. Collin raised an eyebrow, opened a website called Have I Been Pwnedand asked if I had ever checked my email there. I hadn’t.

A bit unsure, I entered my email address. Within seconds, five data breaches popped up that had exposed my information. Five! From old accounts to popular platforms I’d completely forgotten about. My passwords, email address, and personal info had been made public — and I had no idea.

That moment felt like a digital wake-up call. I used to think privacy was only for people with something to hide, but I realized: your data is valuable, and whoever controls your information, controls your online life.

Collin gave me some practical tips, and I started applying them that very same day. The first thing I did was change all my passwords. Not just the important ones — all of them. Every single reused password from the past years. To do it right, I switched to a password manager. Now I create and store unique, strong passwords for every site. No more spreadsheets or sticky notes — just a secure, encrypted tool that’s easy to use.

Next, I thought about how I use the internet in general. I realized I was always online without any protection. Since then, I’ve started using a VPN (Virtual Private Network). A VPN encrypts my internet traffic and hides my IP address. That means: no tracking, no prying eyes from advertisers or hackers, and no open connections on public Wi-Fi. Especially now that my data has already been leaked, I don’t want to make things worse.

I also decided to create a second email address. I now use my main address only for personal and official communication — like my bank and government services. For newsletters, registrations, or online shopping, I use the second one. Since then, my spam has been cut in half — and my inbox feels organized again.

Another simple step I took was enabling two-factor authentication (2FA). Most major websites support it. Even if someone gets my password, they can’t access anything without that extra code. It takes me 10 extra seconds to log in, but it’s totally worth it.

Since then, I check every few months if my data has been leaked again on Have I Been Pwned. It only takes a second to enter your email, and you’ll immediately know if it’s time to take action again. This habit has made me much more conscious of what I share online — and how I protect myself digitally.