We've been fans of Troy Hunt's Have I Been Pwned? for quite a while at Cynch Security and encourage our members to sign-up to the free service as part of our Password Management for Small Business security pathway. If you haven't yet checked your email address in the service, we encourage you to head over there now and do so. Troy regularly loads large data breaches to haveibeenpwned, but this week's list of 711 million pwned accounts is his largest to date and we felt it would be worth spending some time discussing what it means and what actions you should take if your email address shows up.Read More
Before you go running off removing asking your IT guy to stop making you change your password every 90 days, there may be a big barrier standing in their way: Industry Standards BodiesRead More
In 2014 Yahoo was the victim of a significant breach that resulted in the details of over 500 million users being compromised. The breach is believed to have been state sponsored and includes names, email addresses, telephone numbers, dates of birth, hashed passwords and, in some cases, security questions and answers. Find out what this means for your business.Read More
In 2012 Dropbox was the victim of a significant breach that resulted in the email addresses and passwords of some users being compromised. Initially it was believed that a small number of user's details had been caught out in this incident however in August 2016 it was confirmed that over 60 millions accounts were compromised.
As a service focused towards businesses it is not uncommon for work emails to be used on with Dropbox. If you or any of your employees created an account with their work email address and reused a password they use elsewhere (e.g. for their work email or online service access) your business could become a target for cyber criminals.Read More
If you were a member of LinkedIn in 2012 there is a good chance that your email address and password at the time were compromised. LinkedIn has now taken steps to reset the passwords of all impacted account, however if you simply reused the same password, or you used the email address and password on other sites, you could be at risk of having your accounts compromised.Read More