With the Covid-19 outbreak, cyber criminals have seized on this global crisis to launch treacherous cyber exploits. We now have a cyber pandemic on our hands that makes Covid look like child’s play. Now is the time to pull out all the stops and take action to protect yourself and your organization.
Back in April, hackers dumped a mind-boggling 3.2 billion Gmail, Hotmail, Netflix, and LinkedIn usernames and passwords on the dark web. This hack was officially called Breachcomp2.0. Cybersecurity experts dubbed the record-setting data breach “the mother of all leaks.”
Now, just a couple of months later, a text file containing more than 8 billion emails and passwords has leaked online. Dubbed “RockYou2021,” this leak is considered the largest data leak ever. That is just in the past 2 months.
The likelihood that your data has been compromised is high. “Considering the fact that only about 4.7 billion people are online, numbers-wise the RockYou2021 compilation potentially includes the passwords of the entire global online population almost two times over,” the report said. You are advised to change all your passwords immediately.
Only 20 percent of people use different passwords for different logins, while 11 percent never change their passwords at all. The problem, of course, is that this can lead to identity theft. You can verify if your email was compromised using this link. You can view the data that Google has on your passwords at https://passwords.google.com/
I get it, changing passwords and using long, cryptic passwords that you can’t remember is a pain. Using different logins and passwords for new accounts reduces a hacker’s chances of stealing your personal information. But this is a challenge for most of us. The average person manages 90 online accounts for email, social media, banking, streaming, and other services. How can we possibly remember 90 separate usernames? And 90 passwords?
Any of these common actions could put you at risk of having your password stolen:
- Using the same password on more than one site
- Downloading software from the Internet
- Clicking on links in email messages
2-Step Verification can help keep bad guys out, even if they have your password. Whenever possible, you should also use 2-factor authentication. I know, this is another pain, especially for sites that are slow to respond with the one-time security code. If the website supports it, using Google Authenticator can make this faster. There are plugins for WordPress that use Google Authenticator, which is a good idea, especially for access to the administrative dashboard. Google Authenticator is available on the Android Play Store, the Apple App Store, and the Chrome Browser.
My recommendation: Use a password app like KeePass. This program is totally free and it keeps your passwords safe. You only have to remember the primary password to get into the encrypted data. Don’t use the same password for more than 1 site. If you are averse to using a password tool, then try something like this: “Myaddressis1234MainSt@websitename”. That way you get a long password that includes upper and lower case characters, numbers, and special characters, and it is easy to remember even though it is different for each website. You could use any combination of letters and numbers such as birthdays, phone numbers, etc.
But the important thing is: don’t think you are immune – this is a bigger threat than Covid and it doesn’t care if you are an Apple user, a Chrome user, or even if you don’t have a Facebook account. The only “vaccine” is for you to practice safe logging.