711 million email addresses let loose by badly-configured spambot
Today it was revealed that the largest confidential data hack so far was let loose on the internet: 711 million email addresses and many passwords, due to a spammer misconfiguring their site, so the database could be downloaded by anybody. Fortunately a lot of these will be generic or non-critical email addresses, but it is still a major data security issue.
This is one of a number of large losses of private data by companies and individuals: to mention but a couple - Ebay suffered giant hack in 2014, which led to the exposure of lots of personal data including postal addresses, dates of birth and phone numbers for millions of people around the world. The dodgy dating site Ashley Madison lost lots of information, including credit cards and real names, even from accounts which they claimed had been deleted.
Protect Yourself and Your Business
There are ways to protect yourself, your family and your business, by being security conscious online.
For example, you often have to prove you are over 18, to access various services. Never put in your real date of birth – change it a bit, something you will remember, maybe 1st January the year you were born. That way hackers can't use it to access services like banks and credit cards which will have your email address.
Use strong passwords. With numbers, letters and special characters. Unfortunately that is not easy, because they can be forgotten, unless you can come up with a mnemonic to remember them – there are sites which suggest methods of remembering them.
You might consider using PayPal, rather than giving credit card details to every online shop. PayPal does not pass on your details, so this is one way of reducing your vulnerabilities. Of course there is the chance that PayPal itself might be hacked but they are a large corporation, and more security conscious than maybe an ebay retailer who operates out of their bedroom.
Use an alternative phone number for phone verification. You can get a free sim card, use it in an old phone or a dual sim smartphone, and have it forwarded to your main phone. There are also “two-stage authentication” apps like Authy and Google Authenticator.
Password managers mean that you can ensure that each site has a different username and password combination, and it can be a complex one. You only need to have one password for the manager – but make it a good one – don't use your dog's name, or your favourite footballer, these can be guessed. Unfortunately this makes logging on to sites a bit more cumbersome, but is worth it as nowadays it is likely that most people are likely to suffer a breach of some kind, and this way you will reduce the damage caused.
Here are some guides to computer security:
Author: This article was written by Julian Jackson, Wandsworth Chamber of Commerce's resident blogger and copywriter - https://julianj.journoportfolio.com