Massive Breach Exposed 773 million E-mails, Passwords

  by    0   0

News of the latest global data breach of some 773 million e-mail address and passwords should prompt individuals and organizations alike to change their passwords – particularly for any accounts that have financial, credit card or other personal information.

The scope of this breach cannot be overstated as the list includes log-in credentials from more than 2,000 websites, according to an article on the website Marketwatch, which cited a report by security researcher Troy Hunt.

Hunt said that the files were collected from a number of breaches and uploaded to a cloud service called MEGA, and the data was promoted on popular hacking forums. MEGA eventually removed the data, so it’s not clear how many hackers gained access to the files.

Considering the size and scope of the data trove, you should immediately change your passwords on sites such as:

  • Your online e-mail services (like Gmail, Hotmail, etc.)
  • Your banking and other financial services accounts (retirement accounts, credit cards, etc.)
  • All of your social media accounts.
  • E-commerce sites.
  • Subscription sites and other sites that store your credit card information.

Hunt has created a page on his website for anybody to check to see if their e-mail address and passwords were compromised. You can check here for free: www.haveibeenpwned.com.

Hunt said even his own data appeared in the giant trove of stolen e-mails and passwords, despite his intensive security practices as a privacy professional.

If you have employees, you should notify all of them about the breach and urge them to change their passwords. It should be an organization-wide endeavor.

To best protect your privacy, Hunt recommends using strong passwords, a password manager and two-factor authentication. Two-factor authentication requires users to input a code sent to their phone or e-mail for log in, adding an extra layer of security

Top five password tips

  1. Adopt long passwords – And don’t use things like $ for the letter “s” or 3 for “E”, and other such changes that hackers are on to.
  2. Avoid periodic changes – Instead, change your passwords only when you feel there has been a threat. Most people will recycle old passwords or make small changes to their existing password.
  3. Create a password blacklist – Use this as the list of codes to avoid when making a new password.
  4. Implement two-factor authentication – Two-factor authentication has already become a de facto standard for managing access to corporate servers. In addition to traditional credentials like username and password, users have to confirm their identity with one-time code sent to their mobile device or using a personalized USB token.
  5. Organize regular staff training – Nearly 41% of company data leaks occur because of negligent or untrained workers who open phishing e-mails. It’s important to train employees to detect and avoid phishing and other social media attacks.


Related Posts

Is Your Business Prepared for Recreational Marijuana Use?

cannabis marijuana workCompanies in states that have legalized marijuana are wrestling with how to deal with employees that use, particularly if they did so the night before and are still feeling the effects the following day. A new survey found that one-third of business owners are not prepared for managing the effects of legalized marijuana in the […]

READ MORE →

Cal/OSHA Working on Rules to Protect Outdoor Workers from Wildfire Smoke

wildfireCal/OSHA is developing regulations that would require employers of outdoor workers to provide respiratory equipment when air quality is significantly affected by wildfires. Smoke from wildfires can travel hundreds of miles and while an area may not be in danger of the wildfire, the smoke can be thick and dangerous, reaching unhealthy levels. The danger […]

READ MORE →

Conduct Diversity Training to Head Off Potential Lawsuits

Happy diverse people togetherAfter R&B star SZA said she had security called on her while shopping at a Zefora store in California, the chain closed all of its U.S. stores for an hour to conduct “inclusion workshops” for its 16,000 employees. Zefora understood the swift backlash that can hit a company that has acted inappropriately towards a customer, […]

READ MORE →

If Your Firm Is Sued for Discrimination, Act Fast to Check EEOC Complaint

discrimination EEOCEmployers that are hit with a discrimination complaint must act fast to compare the allegations in the lawsuit to the earlier complaint the worker filed to the Equal Employment Opportunity Commission. If the employer can find that the allegations in the complaint filed with the EEOC do not match those in the subsequent lawsuit filed […]

READ MORE →

Why Your Business May Need Pollution Insurance

pollutionMany businesses that produce some type of pollutant throughout the course of daily business operations don’t know they are doing so. Others know they are producing pollutants and have processes and safeguards in place to reduce their release into the environment. A business can be held liable for some very costly damages when these byproducts […]

READ MORE →

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to Top