Database of 26 Million Stolen Passwords Discovered

Cyber Security, Data Security, Ophtek, Password Security, Two Factor Authentication, Updates, , , ,
22
Jun 2021

Passwords are one of the most common security measures, but they’re still considered a risk. And 26 million stolen passwords have just been found.

We all use passwords on a regular basis throughout our working day. Logging on to remote servers and online platforms all require a set of login credentials. And, on the whole, they provide an adequate level of security. But security which is considered only adequate will always remain a tempting prospect to hackers. Login credentials will typically consist of only two pieces of information: username and password. Naturally, with only two data values required – which can be entered from any keyboard – login credentials represent some major security concerns.

That’s why the discovery of this database, containing 26 million sources of information, is considered a major alert.

What’s in the Database?

Coming in at a huge 1.2TB, the database – which was discovered by NordLocker – contains the following:

  • 26 million login credentials
  • 2 billion browser cookies
  • 1.1 million email addresses
  • 6.6 million various files including Word, PDF and image files

These numbers are, of course, huge. And it’s a safe bet that some serious data has been compromised along the way. It has also been revealed that the malware made a point of creating an image file by taking a screenshot via active webcams on infected devices. This, again, is troubling as it underlines the danger contained within the malware for compromising personal data.

The actual malware behind these data harvests is currently unknown. It is believed, however, that its method of attack is fairly standard. Upon infection, the malware will connect to a remote server where it can transmit any stolen data. The compromised data, as NordLocker found, was being hosted on a cloud-based hosting service and has now been taken down. But it’s likely that this database has already been traded and is out in the digital wild.

How Do You Protect Yourself?

Attacks such as this are sadly commonplace in the modern age, but there is a lot that you can do to protect your organization’s data:

  • Use Two-Factor Authentication: The combination of a username and password may seem strong, but it can be made even stronger by two-factor authentication. This additional layer of security requires the use of a unique piece of data transmitted to a device separate from your IT network.
  • Install All Updates: The attack in question could easily have been caused by a vulnerability put in place by outdated technology. Both software and hardware require regular updates to patch any issues that may be discovered post-launch. And it’s your responsibility to install these as soon as possible to close any potential back door attacks.
  • Regularly Monitor Network Activity: If significant amounts of data are being stolen and transmitted to a remote server, this activity will be associated with a rise in outgoing network activity. Therefore, it pays to keep a close eye on any spikes in traffic to minimize the impact of any breach.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Default Passwords: The Biggest Weakness in IoT Security

IOT, Password Security, Security, Security Threats, , ,
06
Feb 2018

Passwords have always been one of the simplest security methods, but the presence of default passwords in the IoT (Internet of Things) is very dangerous.

Many IoT devices come set up with a default password in place which is certainly a nice option, but when that default password is the same across the entire product range then it presents a major security flaw. Say, for example, you buy an IoT fish tank (yes, these actually exist) and it shares the same default password as all other IoT fish tanks in that product range, it’s not going to take much research to discover that password, is it? Sure, it’s just as easy to change the password, but how many people would think about adjusting security settings on a fish tank?

As more and more organizations are installing IoT devices, it’s a good idea to familiarize yourself with the dangers of default passwords and how to make your passwords more secure.

Default Passwords and their Dangers

It’s estimated that 15% of IoT device owners fail to change their default password, so it’s almost certain that all medium and large businesses have at least one employee with a susceptible IoT device. It’s partly laziness on the owners’ parts and it’s partly down to IoT technology being so new that people aren’t aware of the security risks. Nonetheless, it’s presenting a major security issue for organizations as hackers are taking full advantage of the situation.

Hackers are concentrating on the construction of malware which comes preloaded with huge lists of default passwords, so that breaking through defenses becomes that little bit easier and quicker. And this is exactly what happened when the Mirai botnet managed to infect nearly 185,000 IoT devices by exploiting default passwords. Default passwords are regularly being leaked and shared online, so the importance of changing these as soon as possible should be a paramount concern for organizations.

Protecting Against Default Passwords

If you want to improve the security on your IoT devices and protect the rest of your organization’s network, then you need to take note of the following tips:

  • Change the Password on a Protected Network: Before your IoT device is connected to the internet, make sure that it’s connected to an exclusive, protected network that cannot be accessed externally. This allows you to, first, test the device and, secondly, to change the password before it’s detected by IoT search engines such as Shodan. 
  • Run Regular Audits on All IoT Devices: Detecting and monitoring new devices on your network should become a priority. Any new and unknown devices to your network should instantly be blocked and an authentication process put in place. With this information you can then track down the device owner and ensure that any default passwords are changed before further access to the network is granted.
  • Don’t Use Admin as a Username: Admin is probably the most common username used in IT departments and hackers are well aware of this. Even if you’ve changed your default password to something highly cryptic, a simple username such as ‘admin’ instantly halves the amount of work a hacker has to do.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

18 Million 8Tracks Users Have Had Their Details Stolen

Hacking, Password Security, Secure Database, Security, , ,
26
Sep 2017

password-security

Customer details such as passwords need to be stored in databases, but what happens when these get hacked? 8Tracks radio service recently found out.

Following a breach of the security around their user data, 8Tracks had the rather unenviable task of announcing a major password security alert. And, seeing as this had the potential to affect 18 million users who are signed up to the service, it demonstrated the fragility of cyber security when it’s not enforced to the letter – as Tumblr found out last year.

The reasons behind this breach are incredibly simple, but the impact of such a breach has the potential to cause major damage for millions of users. It’s a cautionary tale and one which can provide an important lesson to learn.

How were 8Tracks Users Hacked?

8Tracks suspect that their databases were breached following a cyber-attack on one of their employee’s Github accounts – an online storage facility for open source programming code. Github offers two-factor authentication, but, in this instance, the 8Tracks employee didn’t activate this which left them at a slight disadvantage to hackers. And, following an alert from Github that this account had been subject to an unauthorized password change, it became clear that access to 8Tracks networks had also been compromised.

It’s believed that access to prime databases and production servers were not at risk as they were protected by SSH keys which involve sophisticated cryptography and challenge-response authentication. However, the backdoor left open by the 8Tracks employee did expose back up databases which contained email addresses and passwords for 8Tracks users. The passwords, thankfully, were encrypted using salt and hash methods – these techniques make passwords very hard (but not impossible) to crack.

Although it would be highly difficult to hack these salted and hashed passwords through brute force techniques, the very small chance of success was a major headache for 8Tracks. As a result, they had to advise all their customers who had signed up with an email address – those signed up through Facebook and Google authentication were not affected – that they had to change their password immediately. 8Tracks themselves then had to secure their employee’s Github account, change passwords for their own backup systems and restrict access to their repositories.

hacking-2300793_960_720

 

What’s the Impact of the 8Tracks Hack?

It may seem as though the 8Tracks hack is all done and dusted now that users have been advised to change their passwords and the 8Tracks system secured accordingly, but there’s a further problem. For the 18 million users affected, it’s more than likely that a large number of them use the same email address and password to sign into countless services such as Facebook, online banking and even to access their organizations systems, so these are now at risk from unauthorized access.

And this is why it’s so important that password security is taken seriously. Many organizations are now turning to online password storage facilities such as LastPass which provide highly encrypted systems to store the many passwords that your employees may need on a day to day basis. Not only should you consider using systems such as this, but if you’re offered the chance of using two-factor authentication, it should be a no-brainer that you activate this immediately to create stronger defenses for your data.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More
1 2