2019 – THE BREACH BEGINS!
If the all major breaches are studied in details on the major parameters of security, use of latest technologies, the hackers knowledge, effort & preparation and the lackadaisical behaviour on the user side, it would throw up our abysmal level of preparedness, notwithstanding the tall claims. The effort lacks exactitude. Enterprise’s certificates for this purpose are valid to the time they are hacked. 2019 is no different and the year has started work a breach bang. 773 million stolen email addresses have been leaked online in a huge data breach.
Dubbed as the biggest breach after the three billion Yahoo account breach in 2013. Tory Hunt who gave the details runs the service Have I been Pwned, the leak termed as Collection #1 has been compiled from more than 2,000 different data breaches & hacked databases and websites. A security researcher found 87 GB dump of data hidden on a hacker forum. Touted as some as the largest data breach ever exposing more than one billion unique combinations of e-mail addresses and passwords.
It is told that some of the data is junk and a large part of the data may have been previously reported. But 140 million previously safe email addresses have been found in the breach. Users can use the website ’Have I Been Pwned,’ to check if their mail has been made available in the leak and check if their passwords are still safe. Users from around the world are believed to be affected. Tory Hunt warned that hackers could carry out ”credential stuffing” attacks, ”where hackers take lists of usernames and passwords and enter them on a range of other platforms to try and force access to different user accounts.”
People using same password across services are advised to get a password manager and get into the habit of using strong, unique ones across all accounts. There is also a need to turn on two factor authentication wherever available. Unfortunately, password still remains the most popular password followed by 1234567. User behavior has to drastically change for a change in stance of Cyber Security to happen. Same gets reflected in enterprises and governments too, to a considerable extent.
THROUGH OUR EDUCATIONAL SYSTEM CYBER SECURITY SHOULD GET INTO OUR DNA.