#LinkedIn Hack – 117 Million Passwords up for sale

health-data-breachLinkedIn was hacked four years ago, and what initially seemed to be a theft of 6.5 million passwords has actually turned out to be a breach of 117 million passwords.

On Wednesday, the professional social network company acknowledged that a massive batch of login credentials is being sold on the black market by hackers.

 The worst part about it is that, because people tend to reuse their passwords, hackers are more likely to gain access to 117 million people’s email and bank accounts.

The advice for everyone who uses LinkedIn at this point is: Change your password and add something called two-factor authentication, which requires a text message every time you sign in from a new computer.

(via CNN Money)

You’re Compromised, in trouble – now what?

What happens with these data leaks?  A huge percentage of people use the same user name and password across many if not all of their accounts.  A hacker or someone who has obtained your information to say your email account can analyze your Inbox, see where you have bank accounts, statements, social media accounts and then plan their further attacks from there.  Maybe they empty your bank accounts, purchase high ticket items from online stores or maybe they plan a more personal attack on you via social media with a means to bribery and extorting money.  Those pictures in your email, messages, social media you thought were safe, they’re now up for grabs, for publishing, for shaming – what now?  Your passwords have been changed by the attacker, you no longer have access to your email or social media accounts you have been frozen out of everything and someone else has control.  This is a daily occurrence and a huge issue we face when we live online.

We trust.  We trust that the services we use are safe.  They are not.  Financial institutions spend millions on data security but still have leaks or hacks – data security is complex and  not all attack vectors can be assessed or tested for.  Other sites have zero spent on security, no updates or little understanding of what is required to sufficiently protect their user base.

So what do we do?

Strong usernames and passwords can prevent guesswork and dictionary attacks on your accounts BUT if the database of usernames and passwords is leaked publicly even the most complex password is not going to save you!  Unique usernames and passwords on all of your difference services will save you some heartache but it requires a mastermind to be able to remember a ton of different and complex passwords!  Using passphrases vs passwords can help but maybe the best tool to help with the security dilemma is a password manager.

Password Managers have been around for a while now.  Today most offer high levels of encryption to keep your personal information safe as well as synchronization of your password data across all of you devices so you can remain secure on all the platforms you use.  Is storing all of your password information all in one place a security issue in itself?  If it is stored locally vs in the cloud then you are pretty safe based on the encryption used and a strong password being required to further secure the data.

Here is a review of the best password managers for 2016 via PC MagazineThe Editors Choice was Dashlane.

Dashlane offers a unique option amongst the password managers available.  Dashlane has the option to change ALL of your passwords with the click of a button.  It will, should you find or suspect you have been compromised, change all of your passwords (on over 500 supported websites/services) using strong passwords – all of which are updated in your password database and all autofill when you access your websites.

Our recommendation

  • Get Dashlane, securely store your information with STRONG encrytion
  • Sync and use your passwords across your devices
  • Maintain and change at anytime long, strong and complex passwords
    (with site auto-login)

Click here to get the FREE version of Dashlane, with an option to upgrade to synced deviced and one touch password changing for $40!



Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s