Custom Search

Cyber Security: Online Breaches

Cyber security attacks vary over the scope and severity of consequence of their action: from obtaining users' personal information, to attacking critical national infrastructure and obtaining companies' proprietary data. Millions of records containing email adresses, date of birth, address, and passwords get stolen from the data bases of companies and shared on the internet every year.

The 'Dark Web' sells information that criminals can use to access your accounts - and if a security breach (stolen data) occurs with one company you need to act swiftly to prevent criminals using that data to access other accounts and to be on the look out for phishing attempts.

Attacking online identities

These attacks may well have compromised your data:

Adobe Systems Breach (2013)

In October 2013, Adobe admitted that data from 2.9 million accounts had been stolen. That number was later revised to 38 million accounts, but when the data file was found on the internet it contained no less than 153 million user accounts!

Adobe software is used to produce, publish and present an enormous amount of material on the web. Many professional web designers and publlishing houses use its software. On purchasing the software you had to register with Adobe - so they could 'help' with problems and be informed of new products. Therefore Adobe the names, addresses and credit card information of tens of millions of users on its servers. Much of this data was not encrypted and could be easily read and very soon after the data theft, copies of the stolen accounts were in wide circulation.

The people who had stolen the user data had also gained access to Adobe's development servers and program code, potentially worth billions of dollars, had also been stolen.

Adobe was forced to change the log in details of every one of its users and to greatly improve its own security.

And, of course, users sued Adobe for not protecting their information.

Instagram Breach 2019

In 2019 a huge database of 49 million Instagram accounts was exposed online without any password protection.

Facebook Breach 2019

A database containing hundreds of millions of phone numbers linked to Facebook accounts was left exposed online for an unknown time.

Ecuador (whole population)!

Also in 2019 the personal data of the entire population of Ecuador was available online – 20.8 million records, some including bank balances!

It is therefore a good idea not to use just one simple password for everything and to regularly change your passwords. There is plenty of advice on the web for creating strong passwords - but generally they should contain a mixture of upper and lower case letters, some numbers and symbols.

You may get informed by the company concerned if a data breach occurs, and asked to change your password - but there is a very useful site that will inform you of security breeches that contain your email even if the company does not inform you.

You can check and see whether your account has been part of a reported data breach that included your email address by visiting:

https://haveibeenpwned.com

"Pwned" is a corruption of the word "Owned."

This originated in an online game called Warcraft, where a map designer misspelled "owned."

When the computer beat a player, it was supposed to say, so-and-so "has been owned."

Instead, it said, so-and-so "has been pwned."

It basically means "to own" or to be dominated by an opponent or situation, especially by some god-like or computer-like force...

 

Is my password 'out there' on the Dark Web?

You can also use this site to check whether a password that you use has also been found in a data breach visit.

Don't type in a complete password to start with.

Type in the first few characters and click 'pwned?'

If it doesn't come up, your password is safe.

If it does get a match, add the next character and check again.

If you have typed in the complete password and get a match it is most definitely time to change your password!

Security Breaches - Companies Involved

The site also allows you to see which companies have suffered data security losses and when the breach occured. Listed in alphabetical order, you are sure to find some company you are associated with - from Adobe to Facebook, Ancestry.co.uk to Sony.... hundreds of major breaches of data are listed.

Industrial Espionage

Most 'hacks' are not concerned with 'Joe Public' - those are for minor cyber criminals - but rather to hack into company files, to steal secrets or hobble the company on the world stage. See Attacking Industrial Systems