Following the news that 45 million accounts from home, tech and sport forums have been stolen after hackers infiltrated media company VerticalScope, Jonathan Sander, VP of Product Strategy at Lieberman Software, and Javvad Malik, Security Advocate at AlienVault, commented below.
Jonathan Sander, VP of Product Strategy at Lieberman Software:
“As more and more sites are breached and passwords are stolen, the hope is that users are getting the message that password use is not OK. If a bad guy gets access to their sports forum account, they probably are only in danger of angering the folks in their local clubhouse with fraudulent posts. If they used the same password at their bank as that sports forum, however, then maybe they’ll get kicked out of their club when they can’t pay their dues when their account is drained of all its funds.”
Javvad Malik, Security Advocate at AlienVault:
“The article throws up some commentary on the poor way passwords were held and that they were likely all in one big dataset… which unfortunately, indicates that most companies are still failing at the basics when it comes to security. Having segregated environments, strong password storage, and effective monitoring and detection controls to be alerted when a breach occurs should be the cornerstone of any online service offering.
When these types of breaches continually occur we see two prominent shifts. On one hand we see regulators get extremely twitchy and become closer to increasing regulation which means more fines for companies and more investment in security up front. On the other hand, customer trust becomes fragmented and lost across all online services. While this may not be visible in the traditional sense of how we view trust, i.e. people leaving a service – but they will be more likely to use fake information to populate profiles such as date of birth, address, or other personal details. The knock-on effect is that a number of online entities will not get to know their user-base very well at all and could impact future product development.
From a victim perspective, the advice would be to change passwords on other sites which may have been using the same password as one of the forums and keep an eye out for unusual activity – turn on alerting and multi-factor authentication.”