Better Safe Than Sorry: Millions of Reportedly Stolen Passwords Mean It’s Time for Updates

Recently, yet another cybersecurity threat seemed to materialize and disseminate scores of sensitive information almost overnight. Accounts affected ranged from Google to Yahoo. Initially, experts feared that hundreds of millions of sensitive account numbers and passwords had been compromised.

cyber security

Fortunately, reports of this most-recent cyber invasion appear to have been a bit inflated. As it turns out, a majority of the information was inaccurate and obtained from less-secure third-party sites. Many of the passwords were incorrect and the account numbers turned out to be obsolete. In fact, one of the email providers—, based in Russia—confirmed that only 0.018% of the email-password combinations were accurate and current.

Additionally, it wasn’t the large-scale attack as previously thought—it was a compilation of smaller data stashes from less-secure sites, made to look by a particularly savvy hacker like he had scored big time. The hacker—known in an online forum as “The Collector”—created a database from smaller compilations of hacked information to garner attention and get social media brownie points in return for offering up the stolen information.

Despite the fact that this latest cyber-security scare turned out not to be “the heist of all heists,” there is still an important lesson to be learned here: the speed and effectiveness with which the young Russian hacker spread the news of his corruption and the widespread response he received serves to remind us of what exactly can go wrong in those potential worst-case scenarios. If the hacker had gotten his hands on accurate data as the result of a large-scale attack, and the account information had been current—the speed with which he could have spread financial destruction would have been impressive. He could have breached massive amounts of clients’ personal information, at least temporarily.

The appropriate response here is not to simply look the other way regarding this seemingly bogus attack. A responsible approach to this type of situation is to take preemptive action against system vulnerabilities. Business users should make sure employees:

  • Update operating systems when requested.
  • Download security fixes when they become available.
  • Keep away from spammy, phishing emails.
  • Don’t visit suspicious websites or corrupt downloads.

Additionally, all business users should protect sensitive password and account information by regularly updating and changing their online credentials—and never use the same information across multiple sites.

Perhaps most importantly, business users should take advantage of a website’s 2-factor (2FA) and multi-factor authentication options for even more enhanced password security. A multi-factor authentication process is based on three categories:

  • The Knowledge Factor: Like traditional single-factor authentication protocols, the knowledge factor represents only information a user “knows” like user ID and password information. This is considered the most easily hacked password type.
  • The Possession Factor: The possession factor refers to something the user physically possesses, such as a hardware device, credit card security code, or single-use passcode. Used in conjunction with the knowledge factor, the combination can provide two-factor authentication, which is considered more secure than the typical user ID and password combination.
  • The Inherence Factor: This is typically derived from user biometric information, such as a thumbprint or retina scans. This is considered the most secure of the three factors, and when used in combination with the above two factors, can provide a high level of security.
    Though these types of authentication require more steps than a single-factor authentication process, the problems this type of enhanced validation can save you and your business down the road is well worth the extra effort.

LAN Infotech is the trusted choice when it comes to keeping our clients’ ahead of the latest information technology tips, tricks, and news. Contact us at (954) 717-1990 or send us an email at for more information.

Fort Lauderdale Computer Networks
Network Services in Fort Lauderdale
Network Consulting in Fort Lauderdale
Fort Lauderdale Data Backup
Data Security Fort Lauderdale
Client Feedback

“We were having major problems with our email system. We reached out to the IT department of a trusted major law firm here in Miami who in turn recommended Lan Infotech and Michael Goldstein’s team of experts. I find everyone to be professional, knowledgeable and thorough. This gives me huge confidence that I am using a vendor I can trust and rely on.”

—Bart Garratt
HR & Tech. Coordinator
The Legal Aid Society
read more»

Featured IT Services Fort Lauderdale Articles

LAN Infotech Recognized as Leading Microsoft Marketing Partner Worldwide

The team of IT specialists from LAN Infotech are thrilled to announce that they have been recognized on Fifty-Five and Five’s Inbound Marketing Excellence Report as one of the top 250 Microsoft mark

Read more

Featured IT Services

IT Consulting Advice for Fort Lauderdale: Taking Care of Your Employees Is Taking Care of Your Business!

Quid Pro Quo An IT consulting firm in Fort Lauderdale will usually advise that you get what you give. This is the core principle which defines most working relationships. The employer gives the em

Read more

Featured IT Services

IT Services Business Advice: Do You Really Need a Management Consultant in Fort Lauderdale?

Eliminate the Middleman IT services in Fort Lauderdale need not cost an arm and a leg to provide services your own organization could source internally. You want a consultation agency willing to he

Read more

Featured IT Services