A data breach is like robbing a bank. It is criminal, involves planning, and generates a lot of cash if successful and less risky, as there is almost no chance of getting caught.
Compromising or breaching a large organisation like Ryanair, Microsoft or Facebook is a highly regarded achievement for hackers and very profitable. For example, the young Russian LinkedIn hacker Yevgeniy Alexandrovich Nikulin earned millions from the LinkedIn details he stole. Stupidly, he posted opulently all over Instagram displaying a rock star taste in cars, Rolls-Royce, Lamborghini, and Ferrari. Wanted worldwide for years for his crimes. Interpol finally arrested Yevgeniy (he posted a picture of his Mercedes G-Wagen on Instagram boasting he was on his way to lunch in Prague. Don't get fooled again. Grab a trial (Keeper Security MSP) now.
He spent several years in the Czech Republic while the US & Russia argued over his extradition with the US prevailing, eventually. He irritated the Californian Judge by complaining several times about the lack of gaming devices and games in the jail during the trial. He was apparently disinterested in his trial. The judge decided Yevgeniy should enjoy the US for 88 months, minus some time served, courtesy of the Dept of corrections. The maximum penalty is 30 years.
From Moscow, Nikulin hacked LinkedIn by accessing the computer of a San Francisco-based employee and installing malware to control the computer. He went to hit Dropbox as well. Nikulin then sold his hacked data online. Clean new data with almost a 100% chance of reaching the intended target. To find out more, email us.
Data from companies like Ryanair or Microsoft will include corporate and personal data. Many individuals think they are safe from online criminals because they are private citizens and of no interest to criminals. Let's be clear, everybody is at risk. Almost everybody has received a Nigerian prince email, and almost everybody has received an extremely unpleasant email saying they watch adult content. They have no choice but to pay about £800 in bitcoin for fear of being exposed to their friends, employers, and family.
Most large organisations don’t admit it initially, preferring to risk it following a breach. They wait until there are rumours on the dark web of the breach. They will then announce they suffered a minor breach and report it to the authorities, which is the law under GDPR. Some days or weeks later, they will say that the breach was more serious than feared, with far more information lost. They are looking into the matter further, cooperating with the authorities, genuinely regret it, improving online security, and so forth Yahoo recently compensated US users $400 each for their 2012 breach. Many subsequently claimed it was barely worth the effort in the end.
Change #Passwords for the better
To avoid morons like Nikulin, here are simple suggestions.
Criminal password bots need a few seconds to guess a stupid password like Michelle_1990, LiverpoolFC, Fido_dog. Some business use the same passwords hundreds of times daily across of all their systems.
Data breaches occur daily these days. Microsoft, British Airways, Sony PlayStation and Spotify have been hacked recently. Facebook lost 600 million user details to a data breach in 2021. Meta, the Facebook holding company, reluctantly confirmed the hacking. Almost every bank in Europe has suffered a breach.
Much of the public thinks they are not at risk from these data breaches. Nothing could be further from the truth, as millions of people have discovered through LinkedIn and Dropbox hacks, with kindly offers from Nigerian Generals & Princes. People receive unwanted phone calls, and emails claiming strange things requesting bitcoin transfers and worse.
Make sure every password is unique.
Sadly, most companies and individuals continue to use the same password on dozens of different accounts. We estimate that most people use the same password at least 20 times across their 100 separate accounts, including social media, popular sites like Spotify, or the BBC.
Check your passwords, get rid of duplicate passwords, and use longer unique passwords with numbers, letters and special characters. Password bots can usually figure out the top 1000 passwords within 20 seconds. If you take our recommendation, it will take hours and the bot will give up. Then the bot will move to the next guy, leaving you in peace.
That’s why you should use a password manager. Password managers require you to remember only one password, the password to login to the password manager itself. Keeper Security, for example, remembers your passwords, including the ones requiring 2FA (Two-factor authentication) reducing your risk factor to near zero.
Good password managers will tell you which companies, apps and popular websites of recent hacks. On the 22nd of August 2022, password manager LastPass announced their servers and systems were hacked in recent days.
Articles, links, and connections from the BeSecureOnline site you might find interesting.
8 good reasons to use a proper password manager
Ransomware - To pay or not to pay - Ransomware
German Insurer Allianz says - Businesses fear a catastrophic IT failure the most
Cybersecurity Essentials for Business
Social Media Expertise from Michael Keogh
Get the latest updates in your email box automatically.