In response to reports that indicate a hacker group named ShinyHunters is selling over 73 million user records from 11 companies on the dark web, a cybersecurity expert offers perspective.
Criminal hacking groups are all about getting the most money for the records they steal or collect from various data breaches to organizations. Whether they get a thousand records or a million records, they have some potential value on the dark web. By collecting all of these records, the criminal groups can reverse engineer the passwords to build up a database for credential stuffing, an attack where users\’ passwords are tried against other websites or online services to gain access.
These breaches are avoidable, as organizations can establish a robust security culture to get cybersecurity in the early stages of development, implementation, and monitoring consistently.
End users will want to continue vigilance when it comes to spear phishing or targeted emails about their accounts. By sharing their password or some other sensitive information from the breach, a criminal\’s email will entice them to open attachments or click on links related to these attacks and thus compromise their systems further.
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics