It appears, the hackers based in a small city in South Central Russia, gathered customer information from 420,000 websites, large and small. Hold Security would not disclose which websites or who the victims are because of binding non-disclosure agreements, as well as the risk of making vulnerable companies and individuals a target for further attacks.
Other security professionals and computer crime experts have verified the information uncovered by Hold Security as authentic. They say the problem is getting worse every year, with many large companies being aware of cyber-security issues, but still unable to do much about it other than prompt customers to change their passwords.
Mr. Holden said, “Hackers did not just target U.S. companies, they targeted any website they could get, ranging from Fortune 500 companies to very small websites, and most of these sites are still vulnerable.” His firm has been trying to contact the sites that have been hacked, but some remain unreachable, and he hopes this week’s story will get the message through to companies and individuals alike that caution needs to be exercised.
Identity theft is becoming more and more prevalent, and it seems that each month authorities report a new theft, but the easiest way to protect yourself, and to lessen the chances of being targeted, is to simply vary your use of passwords.
Hackers have most of their success because so many consumers repeat the same password on the different sites we use. This means they only have to get hold of a single password, and then run an analysis on popular sites to see if that password will open other services in your name as well. For those who use the same password, one compromised password can mean the hackers have access to dozens of sites you frequent.
It’s a common mistake, and in this increasingly digital world, where every website from your supermarket to your social media account is password protected, it can be hard to remember them all. This is why many experts recommend using password managers. They are simple programs which can both formulate strong passwords and protect the ones you have. With a password manager you only have to remember one password to get access to the rest of your data.
In the meantime, be cautious with your identity. Change your passwords regularly, and take care to question any unexpected requests for money on social media or by email. It’s far better to be safe than sorry.
(Photo courtesy of Don Hankins)