Email And Personal Information Breaches In The News
Recently there have been several privacy/security breaches in the news. People that subscribe to the terrific service at https://haveibeenpwned.com will already be aware of these. These breaches have been happening at major sites, and by now, if you use the internet and have registered accounts on various websites, chances are pretty good your privacy and details have been compromised.
A new discovery was announced on the weekend by https://haveibeenpwned.com/. This one effected over 500 people with @nipissingu.ca email addresses.
Fortunately, this one did not include passwords, but it does include a lot of personal information. This personal information could be used in the future by criminals in targeted phishing campaigns (spear phishing). In a spear-phishing attack, criminals will use personal information in a phishing attempt against you, in order to make it look less suspicious and more legitimate.
We should take two things away from this;
- be extra careful moving ahead, when reacting to emails. Phishing attacks are getting more and more convincing, and just because an email may have your name and other personal information in it, doesn’t mean you can trust it.
- this is a good time to improve our password habits:
- do not use the same password at multiple sites
- use strong passphrases
- change your passwords/passphrases from time to time
- consider using a password wallet to make these good habits easier to manage
These topics have been discussed in depth on our blog. Please visit https://cybersecurity.nipissingu.ca/ for further information on these and other related topics.
Here are some recent major breaches
- Verifications.io was breached in Feb of 2019. 763,117,241 accounts were exposed. 538 of these were @nipissingu.ca addresses
- MyFitnessPal was breached in Feb of 2018. 143,606,147 accounts were exposed. 65 of these were @nipissingu.ca addresses
- MyHeritage was breached in Oct 2017. 91,991,358 accounts were exposed. 25 of these were @nipissingu.ca addresses
- ShareThis was breached in Jul 2018. 40,960,499 accounts were exposed. 66 of these were @nipissingu.ca addresses
Other major breaches have included places like Adobe, DropBox, Equifax and more.
If you think that you may have been in one of those, it’s a good reason to refresh your passwords now and be sure you are using good quality and unique passwords/passphrases everywhere.
If you have more questions about these topics, please contact UTS, and we’d be happy to offer what guidance we can. There is also a wealth of information to be found using your favourite search engine.