The internet has brought services and fun/useful platforms closer. At the tap on your smartphone or tablet and a click on our computer, we can send/receive cash, communicate with family and friends, run an advertisement, take a class among other things.
All these conveniences come with a lot of cyber threats and that is why we always create accounts complete with username and passwords. However, given the many accounts we have and the passwords we are expected to remember, it is easy you create just one password for all your online accounts.
While some will have stronger security with features like two-factor authentication, biometrics and all. The majority of online accounts don’t provide this extra layer of security; a simple username and password are all you get.
For such accounts, they pose the greatest risk especially if you use the same password across all of them; so you can easily remember. You might want to change that password you have been using for years on multiple online accounts.
Especially following reports by The Register saying some 16 websites have been hacked and the attackers made away with full names, hashed passwords, email addresses, and even birthdays for over 617 million people.
The hackers are now selling this information on the dark web for about $20,000. The publisher list the following sites as having been hacked and attackers making away with the passwords among other personal user information:
Dubsmash (162 million), MyFitnessPal (151 million), MyHeritage (92 million), ShareThis (41 million), HauteLook (28 million), Animoto (25 million), EyeEm (22 million), 8fit (20 million), Whitepages (18 million), Fotolog (16 million), 500px (15 million), Armor Games (11 million), BookMate (8 million), CoffeeMeetsBagel (6 million), Artsy (1 million), and DataCamp (700k)
Some of these websites have come out and announced they were hacked, though they are not being generous with the whole truth. Like when exactly they were hacked, which is interesting given the information being shared by the hackers show the hacking on some of these sites took place a long time ago.
Yet, it is only now that the websites owners are coming out to tell users they were hacked. As a rule of thumb, give yourself a time period after which you should change your passwords. You can have it as after every three months or so, and put it in your calendar. That way you get a reminder when the time is due for changing your passwords. You should also utilize the full security system set up by any website. That entails two-factor authentication.
You should also check if your information has been breached by going to HaveIBeenPwned.com, which will let you know if your email address has been listed anywhere for sale on the dark web.