National Lottery -10 Million Players Told To Change Passwords

By   ISBuzz Team
Writer , Information Security Buzz | Mar 21, 2018 11:46 am PST

In response to the news that millions of National Lottery players have been urged to change their passwords following what parent company Camelot describes as “suspicious activity” involving lottery accounts, Travis Smith, Principle Security Researcher at Tripwire commented below.

Travis Smith, Principle Security Researcher at Tripwire:

“Password re-use can be a crippling mistake. It’s less risky for attackers to use authentic credentials than to leverage exploits, as security tools are more likely to detect an active exploit. Since the same log-in credentials are commonly re-used across different websites, stolen credentials from one breach can lead to several other breaches (known as password-stuffing or credential-stuffing attacks).

Password managers can be an effective way for using unique and complex passwords for every website. By having a unique password on each site, you eliminate the chances of criminals using password-stuffing attacks against you. If available, two-factor authentication is another great step for reducing this risk. If an attacker gains access to valid credentials, they will be rendered useless if they don’t also have access to the device generating the second factor code.”

Notify of
0 Expert Comments
Inline Feedbacks
View all comments

Recent Posts

Would love your thoughts, please comment.x