Helping you balance your online life
Advertisement

Aug 14th

2014

Russian Hackers Collect 1.2 Billion Passwords!

‚ÄčThere has been another breach! According to the New York Times, 1.2 billion usernames and passwords have been stolen by a Russian gang. Security researchers have suggested that it is now the LARGEST known collection of stolen Internet credentials. Not only were usernames and passwords stolen, but also over 500 million email addresses.
Hacker
Hold Security, a firm in Milwaukee, discovered the breach among 420,000 different websites and are continuing to investigate. "Hackers did not just target U.S. companies, they targeted any website they could get, ranging from Fortune 500 companies to very small websites," said Alex Holden, the founder and chief information security officer of Hold Security.

Some companies and individuals still believe that "it won't happen to me," and don't have any plans to protect themselves. Are you one of the 1.2 billion who have already been affected? As of now, the records that were stolen seem to only be used to send spam on social networks. But with the information they have taken, they could sell it on the black market and make a ton of money off of your "unique" password. Many of us reuse our login and password on multiple websites because, let's face it, we keep forgetting which password goes to which website. Criminals can then capture your information from only one website and then try this login on multiple websites until it works. Hackers can get access to your email address, bank accounts, and even your social security number. Unless you monitor your identity regularly, there could be another "you" running around in Russia right now!

So how do these computer geniuses figure this all out? Well you would be surprised that it's only a couple of young 20-year-olds with some programming background that got together and started stealing your credentials using botnets. Botnets could affect anyone around you. It aims for the innocent who click on a link in an email or accidently click on a pop up ad to download the newest and coolest thing. Little do they know, they have downloaded malicious software, known as malware. Now their computer has been infected with the virus which turns them into a "zombie." It, along with many other infected computers, becomes a slave to a hacker forming a botnet. The New York Times explains that "Any time an infected user visits a website, criminals command the botnet to test that website to see if it is vulnerable to a well-known hacking technique known as an SQL injection." This is when a "hacker enters commands that cause a database to produce its contents. If the website proves vulnerable, criminals flag the site and return later to extract the full contents of the database."

We cannot always rely on the companies collecting our information to keep it safe. We should protect ourselves as well. Here are five steps to decrease your risk of being infected by malware and protect your identity:
  1. Change your passwords every 6 months: Because so many are affected, start now by changing your password and then do it again in 6 months. This is especially important for sites that hold a lot of personal information like online banking, credit cards, etc.
  2. Do not use the same password for all of your accounts: The hackers only have to steal one username and password to have access to multiple websites. If you have a different password for each website then they have fewer sites to get access to. You can protect your passwords with one click access to all your stored accounts.
  3. Create a strong password: Norton Protection suggests making "sure that your password is a minimum of eight characters long, and that it doesn't contain your real name, username, or any other personally identifying information. It should also contain a combination of uppercase and lowercase letters, numbers, and special characters."
  4. Protect Your Identity: If you see anything unusual with your bank statements or credit score, report it immediately. It's worth it to sign up for Identity Theft Protection. Let someone else clean up the mess for you.
  5. Protect Your Computer: Make sure you have a computer protection plan on all of your computers that checks the status of your security software, letting you know whether or not you're protected from the latest online threats.
Keep up to date with the newest online dangers and up to date protection plans by following us.

Written by Jaclyn Jenkins with AOL
Advertisement