The alleged OnlyFans leak is a stark reminder that your passwords, browsing habits, and private data are never truly hidden online. Experts warn that weak security habits and data breach fatigue are making users increasingly vulnerable to blackmail and fraud.

We’ve all probably been guilty of a little defensive whining.

“What’s the point of protecting my data when I’ve nothing to hide?” or “How can I be expected to remember a random string of letters and symbols?”

Well, try running that past OnlyFans subscribers and creators who may have had their browsing preferences leaked – allegations that the platform denies.

Martynas Dainys, a digital privacy expert and product manager at Surfshark VPN (which belongs to the same company group as Cybernews), explains the chilling implication behind such a breach: "There's an opportunity for blackmail. Do this, or I'll tell your wife you're using OnlyFans."

In effect, it could be their entire livelihood at stake here – logins, bank access, secret browsing habits – you name it.

So what can be done to prevent such an atrocity? Well, a few things.

The path of least resistance

Like throwing chicken wings into the air fryer (they should really be pan-fried), we often want to make minimal effort when orchestrating tasks. But people don’t desire bad security – they just want to make minimal effort.

"We tend to fall into paths of least resistance,” explains Dainys.

"So if anyone requires us to do something, we will do the bare minimum."

And when we hear that we should change our password every 30 days, we simply don’t like being told what to do.

Most of the time, that means we need to get burned first, but for the general populace, it’s largely a case of old habits die hard.

“Until they figure out the hard way what's really dangerous, before they get hurt, they won't do anything,” observes Dainys.

“Everything is already out there”

Young people, in particular, seem less concerned about data breaches. Perhaps it’s not cool, a bit like when your parents remind you to lock the house properly, and not be home so late.

“They think that since we've seen all these data breaches worldwide – every day there's something hacked,” explains Dainys, noticing a dangerous mindset at play.

“They assume everything is already out there. So why the hell should I care to protect it?”

And human apathy is seemingly a hacker's favorite weapon. When data is made public, it’s only a matter of time before the real harm is done.

And that harm could be serious blackmail, or “sophisticated social engineering,” as Dainys puts it. Think about that again for a moment – all your passwords, bank accounts, late-night habits, and private conversations.

So, what actually works?

Despite all this, we shouldn’t really be shaming people for their bad habits. Instead, Dainys meets the end user squarely where they are.

One thing many of us do is use a random string of letters and symbols, which isn’t actually the best approach. Instead, there’s a tactic called “salting your password.”

Salting can be narrative-based. In his talk on stage at Login, a tech forum in Vilnius, Lithuania, Dainys gave an example. Like you might have walked past a coffeeshop and seen a stuffed green dog in the window, hence your new password could be “CoffeeWindowGre3nDog.”

And speaking of the older generation, Dainys even defended keeping all your different passwords on a piece of paper as better than memorizing and re-using only one, providing that “you have your room secured, and you trust the people in the room."

Well, so long as the person in the room doesn’t mind your late-night browser habits.

---