Every so often, we hear of another huge data breach, in which a large company’s database is hacked and customer information is exposed. For example, Ebay, Yahoo, LinkedIn, and even Sony’s Playstation network have suffered data theft in the past few years. When these hacking events happen, customers who hear of the problem will usually change their password right away. That fixes the issue, right?
Well, not entirely. Let’s assume that hackers obtain your Ebay password. Since you changed the password as soon as you learned of the breach, your Ebay account is probably secure. But did you use that same password elsewhere?
Chances are, you did. About 55 percent of internet users choose the same password for multiple online accounts, or even all of their accounts! Hackers have caught onto this common weakness, and will store your old password (say, the one from the Ebay hack) and try it along with your email address on other websites. It’s not uncommon to find a match or two, and now these unscrupulous people have access to your Netflix account, or your social media profiles.
Obviously, the easiest way to avoid being hacked via credential stuffing is to change all of your passwords, and make each one unique. Yes, we know that keeping up with all of those passwords can be a pain, but dealing with a hacking incident or data breach is much worse. Going through a bit of trouble now is worth the time, if it protects your customer data and business reputation.
One more thing: You should also make sure your employees understand what credential stuffing is, and why it is so important to use unique passwords for each of their accounts. This is especially true for any account associated with your business.
If you have questions about choosing secure passwords, and keeping your data safe, give us a call at 888-RING-MY-TECH. We can share more ways to safeguard your login information, to keep your online accounts safe from the prying eyes of would-be hackers.