News

miniBar Talk: This Week's Top Post - IndyBar Blog

IndyBar Blog


Posted on: Jan 5, 2018

You Can't Secure 100% of Your Data 100% of the Time

Over three billion credentials were reported stolen last year. This means that cybercriminals possess usernames and passwords for more than three billion online accounts. And that’s not just social media accounts; it’s bank accounts, retailer gift card accounts with cash and credit cards attached, airline loyalty accounts with years of accumulated frequent flyer points, and other accounts with real value.

This statistic is alarming, but in fact it significantly understates the scope of the threat. Because of a form of attack called credential stuffing, tens of billions of other accounts are also at risk. Here’s how that attack works. Because most people have many online accounts (a recent estimate put it at 191 per person on average) they regularly reuse passwords across those accounts. Cybercriminals take advantage of this. In a credential stuffing attack, they take known valid email addresses and passwords from one website breach—for example, the Yahoo breach—and they use those same email addresses and passwords to log in to other websites, such as those of major banks.

Read more here.

This article was submitted by Jonathan T. Armiger, Armiger Law. To subscribe to more E-Discovery, Information Governance & Cybersecurity news like the article above, click here to update your news subscriptions.

DID YOU KNOW?

Indianapolis Bar Association (IndyBar) est. 1878 | 4,536 Members (as of 2.11.21)