National Lottery -10 Million Players Told To Change Passwords

In response to the news that millions of National Lottery players have been urged to change their passwords following what parent company Camelot describes as “suspicious activity” involving lottery accounts, Travis Smith, Principle Security Researcher at Tripwire commented below.

Travis Smith, Principle Security Researcher at Tripwire:

“Password re-use can be a crippling mistake. It’s less risky for attackers to use authentic credentials than to leverage exploits, as security tools are more likely to detect an active exploit. Since the same log-in credentials are commonly re-used across different websites, stolen credentials from one breach can lead to several other breaches (known as password-stuffing or credential-stuffing attacks).

Password managers can be an effective way for using unique and complex passwords for every website. By having a unique password on each site, you eliminate the chances of criminals using password-stuffing attacks against you. If available, two-factor authentication is another great step for reducing this risk. If an attacker gains access to valid credentials, they will be rendered useless if they don’t also have access to the device generating the second factor code.”

Experts Comments

Stay Tuned! Our Information Security Experts Community is responding .....

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.