Security company Trustwave made a discovery last week that sent the online world into a frenzy. They recovered two million stolen passwords from 93,000 different websites. This password cache included user accounts from major companies like Facebook, LinkedIn, Google, Twitter, and Yahoo. Is your password part of this haul?
These passwords were found inside a server in the Netherlands and the scam appears to be the work of a password collecting botnet called "Pony." Utilizing email phishing scams, the major hacking operation spanned the globe and netted passwords from more than 100 countries. This scam appears to have been in operation since October and security experts believe that it remains active.
Upon making the significant discovery, Trustwave immediately notified each company affected by the security breach. The affected companies then took action and immediately reset the passwords of their affected users and notified them that their account had been compromised.
The site with the most stolen passwords was Facebook with 300,000. The breached website that put businesses most at risk is the popular payroll management app ADP which had 8,000 accounts compromised. A spokesperson from ADP commented on the breach and said, "To our knowledge, none of ADP's clients has been adversely affected by the compromised credentials."
Are Your Passwords Safe?
This news story may make you want to panic, but before you do, understand that unless you received a notification from your online service about the breach, then your account is likely safe.
If you were hacked, then your service provider would have automatically reset your password for you. The hacked users most at risk would be the ones that use a single password across multiple accounts. Therefore, if you were one of the two million victims out there, and you use the same password for your many accounts, then you will want to stop what you're doing and change the passwords for all of your accounts right now, and while you're at it, be on lookout for fraudulent charges.
You can minimize the risk from attacks like this by properly managing your online passwords and accounts. Here are a few tips that will protect you from phishing scams like the Pony botnet.
All of these security tips will go a long way in protecting your data. One of the biggest things you can do keep your business safe from online scams like this is to install a Unified Threat Management (UTM) tool for your network. Ferrum Technology Services can install a UTM for you that's designed to fit the unique needs of your business. A UTM can provide your organization services like content filtering and a strong firewall to help protect you from the worst on the web. To learn more about password management and UTM, give us a call at (847) 697-3282.
Comments