Connect with us

Hi, what are you looking for?

OPINIONS

My data was leaked. What should I do?

Experts at Kaspersky Lab said numerous leaks have been appearing over the past few years and a lot more are expected to happen in the future.

Following the emergence last week of a massive database of exposed emails and passwords dubbed as Collection #1, Kaspersky Lab strongly urged internet users to apply unique passwords for each of their online accounts to minimize the chances of being affected by data breaches.

According to the global cybersecurity company, leaks and breaches happen quite often and sometimes these are huge in terms of risks and possible damages for account holders.

In the Philippines, over the weekend, financial services firm Cebuana Lhuillier confirmed that about 900,000 people were affected in a data breach involving their email server used for marketing purposes.

Malefactors collect the leaked information, creating databases with logins and passwords. Some of them try to add information from every leak to these databases, and that effort results in the creation of gigantic databases such as what www.troyhunt.com called Collection #1. This database contains more than 700 million unique email addresses and more than 1.1 billion unique login-password pairs from more than 2000 different leaks, some dating as far back as 2008 to most recent ones.

Advertisement. Scroll to continue reading.

Surprisingly, Collection #1 does not seem to include logins and passwords from well-known leaks such as LinkedIn’s in 2012 and both Yahoo breaches.

“This massive collection of data harvested through data breaches had been built up over a long period of time, so some of the account details are likely to be outdated now. However, it is no secret that despite growing awareness of the danger, people stick to the same passwords and even re-use them on multiple websites,” says Sergey Lozhkin, security expert at Kaspersky Lab.

“What’s more, this collection can be easily be turned into a single list of emails and passwords and then all that attackers need to do is to write a relatively simple software program to check if the passwords are working. The consequences of account access can range from very productive phishing, as criminals can automatically send malicious emails to a victim’s list of contacts, to targeted attacks designed to steal victims’ entire digital identity or money or to compromise their social media network data,”  he adds.

Experts at Kaspersky Lab said numerous leaks have been appearing over the past few years and a lot more are expected to happen in the future.

Lozhkin strongly recommends everyone who uses email credential for online activities to take the following steps as soon as possible:

Advertisement. Scroll to continue reading.

1. Use strong passwords for your most important or sensitive accounts (such as internet banking, online payment or social media networks) and change them regularly.

2. Use long and unique passwords for each and every account. This way, if a service is breached, you’ll need to change just one password.

3. Check if your email account has been exposed online by going to  https://haveibeenpwned.com/  Type-in the e-mail address that your accounts are associated with and you will find out if that address was included in any of the leaked databases that haveibeenpwned.com is aware of.

4. Enable two-factor authentication wherever it is possible. It will not allow hackers into your account even if they managed to obtain your login and password.

5. Use security solutions such as Kaspersky Security Cloud that can warn you about recent breaches.

Advertisement. Scroll to continue reading.

6. Consider switching to a password manager such as Kaspersky Password Manager that can help create many unique and strong passwords with no need to memorize them. Password managers can also help change the passwords faster whenever you need it.

Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

HEADLINES

The exploit, discovered by Kaspersky’s Global Research and Analysis Team (GReAT), required no user interaction beyond clicking a malicious link and demonstrated exceptional technical...

HEADLINES

At the end of 2023, Sophos X-Ops noted a significant increase in ‘remote encryption’ attacks – where ransomware attackers breach a compromised and often...

HEADLINES

With the launch of KATA 7.0, organizations can now benefit from enhanced Network Detection and Response (NDR) capabilities with deeper network visibility, internal threats...

HEADLINES

In 2024, Globe blocked 3,096 child pornography domains or those containing child sexual abuse and exploitation materials (CSAEM), a slight increase from 3,047 domains restricted...

HEADLINES

During a recent webinar on Building Resilience Against Online Scams, hosted by fiber broadband and technology provider Converge ICT Solutions Inc., its Chief Executive...

HEADLINES

In 2024, Kaspersky restructured its Partner Program into four key partner types, recognizing the diverse profiles within its network – from traditional resellers and...

White Papers

The study tested 2,000 UK and US consumers, exposing them to a series of real and deepfake content. The results are alarming: only 0.1%...

HEADLINES

Deepfakes pose significant threats and risks, with nearly half of companies worldwide reporting incidents in 2024, according to industry reports. HONOR’s innovative solution immediately...

Advertisement