How MySudo Keeps You Safe on Social Media Even in a Data Breach

Social media is cool for connecting and sharing content, but it’s a high-risk place for being tracked and scammed.

The FTC calls social media “a golden goose for scammers”, and rails against the platforms’ collection and monetization of users’ personal data which “endanger people’s privacy, threaten their freedoms, and expose them to a host of harms, from identity theft to stalking.”

Social Media Day this June 30 is a good time to rethink how you manage your social media safety and privacy—and let MySudo all-in-one privacy app keep you safe on social media even if there’s a data breach.

Social media presents two massive safety risks: data breaches from malicious actors, and data surveillance from the platforms themselves. From both, you face significant harm to your personal safety, money, and reputation.

Data breaches happen when data troves like those kept by the social media giants are actively stolen and used maliciously for crimes such as identity theft, credit card fraud, phishing schemes, and other unauthorized access to accounts. This is in addition to the social media scams that are already rife: Globally, 30.5% of all phishing attacks were via social media in 2024, and one-quarter of all people who reported losing money to fraud since 2021 said it started on social media.

In the first half of 2024, the number of data breach victims surpassed 1 billion—a 490 per cent increase from the same time in 2023.

Some of the largest data breaches of all time have been via social media and exposed billions of user records, including:

The “mother of all data breaches”—the 2024 discovery of a 12-terabyte database containing 26 billion leaked data records from users of Chinese messaging giant Tencent; social media platform Weibo; platforms and services such as Twitter, Dropbox, LinkedIn, Adobe, Canva and Telegram; and various U.S. and other government organizations
The 2013–2106 breaches of Yahoo which exposed highly sensitive personal information from over 3 billion user accounts and still holds the record for the most people affected by breach of a social media platform
The April 2021 discovery of an earlier attack on Facebook which was one of its largest (Facebook has had data breaches since 2012), which leaked the names, phone numbers, account names, and passwords of over 530 million people
The high-profile Facebook/Cambridge Analytica attack, which saw British consulting firm, Cambridge Analytica, harvest and sell data from 50–90 million user accounts on Facebook
LinkedIn’s April 2021 breach of about 700 million users’ identities or around 93% of the total user base at the time
The March 2020 data breach of one of China’s largest social media platforms, Sina Weibo, in which 538 million user account details were stolen and sold on the dark web
The data breach of early social media platform MySpace, with 360 million compromised accounts.

But data breaches are only part of the social media risk story. In 2024 the FTC found that all the major social media and video streaming companies “harvest an enormous amount of Americans’ personal data and monetize it to the tune of billions of dollars a year.” This isn’t news, but it’s another credible confirmation of the global data privacy crisis.

Collected data from social media companies — Source: FTC, 2024

The FTC found:

Companies collect and indefinitely keep troves of data, including information from data brokers, and about both users and non-users of their platforms.
Many companies share the data, which raises “serious concerns regarding the adequacy of the companies’ data handling controls and oversight”.
Some companies “deployed privacy-invasive tracking technologies, such as pixels” to serve ads to users based on preferences and interests.
Users and non-users had little or no way to opt out of how their data was used by these automated systems.
Companies that “amass significant amounts of user data may be able to achieve market dominance, which may lead to harmful practices with companies prioritizing acquiring data at the expense of user privacy.”

But it’s not only social media platforms tracking and selling our data or “digital exhaust”: many companies engage in surveillance capitalism, even banks. What’s more, data brokers grease the wheels of this data economy by harvesting, manipulating and even misrepresenting consumer data and sell it to brands to hyper-personalize ads and content.

Of course, these massive data stores are rife with privacy invasions and safety risks including unintentional data exposure, third-party access and data mining, identity theft and social engineering scams, and data breaches, as we’ve covered.Statistics show most people in the world have now had their personal data stolen and it’s getting worse.

This deep dive from TechTarget on all the personal information that social media platforms and third-party apps collect about you and what they can do with it, plus how criminals can easily access all that information, is well worth a read. To stop yourself from falling victim to scams and to limit data surveillance of your life via social media, you really need a way to avoid giving your personal information to the platforms in the first place—and that’s where MySudo can help.

You can use MySudo all-in-one privacy app for social media in two ways:

Create an alternative digital identity called a Sudo just for your social media.
Update your existing social media accounts with your Sudo credentials instead of your personal information.

MySudo is built around Sudos, secure and customizable digital identities or “personas”, which come with their own alternative contact details like email and phone, and secure communications capabilities like end-to-end encrypted messaging and calling, virtual payment cards, and private browsing.

With MySudo, you can create a unique Sudo email address and phone number solely for signing up to and logging in to your social media accounts and never have to expose your personal email and phone number to the platforms.

You could even go one step further and create a separate Sudo digital identity for your work social media accounts and another Sudo for your personal social media accounts, separating the two for privacy and perhaps professional reputation purposes—whatever suits your real-life privacy needs.

When you do this you harness the power of compartmentalization, a military-style data protection strategy which MySudo makes easy. Platforms will still track you and criminals will still try to scam you, but they’ll only have access to your Sudo information, not your personal information which you probably use for your banking and medical information, for example, and definitely don’t want to risk with your doom scrolling.

MySudo is a great second chance at digital privacy. Once you have created a dedicated social media Sudo, you could go in and switch out your personal email and phone number for the new Sudo login details. Remember, if your socials are breached, your personal life is safe. The scammers can’t steal your personal information or invade your personal life, and the platforms can’t link your personal email and phone number to your other online activity to build and monetize your social graph.

If you’re ready to put MySudo to work for your social media safety (and for your other online and real-life activity), start by downloading MySudo for iOS or Android, and MySudo desktop and browser extension for convenience, and then create a dedicated “social media Sudo”. Your Sudo will come with:

1 email address – for social media sign-ups and logins, end-to-end encrypted emails between app users, and standard email with everyone else
1 phone number (optional)* – for social media sign-ups and logins, end-to-end encrypted messaging and video, voice and group calls between app users, and standard connections with everyone else; customizable and mutable
1 handle – for end-to-end encrypted messages and video, voice and group calls between app users
1 private browser – for using social media without ads and tracking
1 virtual card (optional)* – for protecting your personal information and your money when you pay online; like a proxy for your credit or debit card or bank account.

Once your have your social media Sudo, you can:

Use the Sudo email to sign up and log in to social media platforms. Almost every social media platform requires at least an email address to set up an account and log in. By using your Sudo email instead of your personal one, the platform – and scammers – don’t have your personal email; they only have your social media Sudo email.
Use the Sudo phone number for verification.Most platforms require a phone number for two-factor authentication and account recovery. By using your Sudo phone number instead of your personal one, the platforms and scammers don’t have your personal phone number, only your Sudo phone number. They can only scam your Sudo phone number and because you know it’s your Sudo number and not your personal one, you limit any damage to only that Sudo.

If you want to go further, you might even think about:

Always accessing your social media accounts through the Sudo private browser. Your Sudo private browser stops ads and tracking by default
Taking your sensitive conversations out of the platforms and into MySudo, where all messaging with other MySudo users is end-to-end encrypted. All calls and emails with other MySudo users are end-to-end encrypted, too.

MySudo will take you a long way to social media safety, but it’s important you follow some basic safety tips, like these from the FTC:

Limit who can see your posts and information on social media. All platforms collect information about you from your activities on social media, but visit your privacy settings to set some restrictions.
If you get a message from a friend about an opportunity or an urgent need for money, call them. Their account may have been hacked—especially if they ask you to pay by cryptocurrency, gift card, or wire transfer. That’s how scammers ask you to pay.
If someone appears on your social media and rushes you to start a friendship or romance, slow down. Read about romance scams. And never send money to someone you haven’t met in person.
Before you buy, check out the company. Search online for its name plus “scam” or “complaint.”

To learn more about how to spot, avoid, and report scams—and how to recover money if you’ve paid a scammer—visit ftc.gov/scams. If you spot a scam, report it to the FTC at ReportFraud.ftc.gov.

Here are some more tips:

Don’t post sensitive personal information, such as your home address or phone number. Sharing things like the names of your family, pet and school can give scammers the hints they need to guess your passwords or the answers to your account security questions.
Be mindful of your location settings and avoid sharing excessive details about your whereabouts.
Use strong passwords and enable two-factor authentication on all your social media accounts.
Use private internet connections. MySudo VPN shields your location and IP address.
Be wary of requests from strangers and don’t click on suspicious links.
Be wary of third-party apps that request access to your social media account. And avoid social login (see more on that below).

If you discover your personal information was exposed in a data breach, quickly change your passwords, add a fraud alert to your credit reports, and place a freeze on your credit reports. More helpful advice is available at the non-profit Identity Theft Resource Centre.

You can also move quickly to download RECLAIM personal data removal service, part of the MySudo app family.

Clearly, it’s more important than ever to scroll and share safely on social media. Download MySudo for iOS or Android and protect yourself on the platforms.

Got questions? Head to MySudo FAQs.

How universities can boost graduate employability with verifiable credentials

In today’s competitive job market, a university degree is no longer the only indicator of a graduate’s readiness for the workforce. Employers are looking for…