After an 18 month investigation, cyber security company Hold Security has uncovered the “largest data breach known to date”; one that involved the theft of 1.2 billion user names and passwords by a group of Russian cyber-thieves. The “CyberVor” gang, dubbed that name by Hold Security, collected over 4.5 billion records, most consisting of stolen credentials. 12 billion of these credentials appear to be unique, belong to over half a billion e-mail addresses. To achieve this, the CyberVors robbed over 420,000 web and FTP sites.
While it’s unclear whether any financial institutions were among the breached sites, which tends to present the greatest risk for consumers, these types of incidents are becoming more frequent, stressing the needs for an adequate Privacy and Network Security strategy. One article on Forbes points out that it’s possible the passwords that were stolen could be old data pulled from a previous hack and not a new, undiscovered breach. Regardless, your clients should do what they can to protect their accounts from hackers.
Most employers will have no problem finding articles and resources that offer strong password tips, with strategic ideas such as using symbols, capitalizations and numbers like “3” in the place of “E”. Is this enough though? Privacy and Network Security experts recommend using a different password for each account that you use, pointed out that re-using the same password leaves employers and individuals critically exposed.
Small measures related to password security can go a long way in keeping company data safe. Security firm McAfee suggests avoiding password words that include personal information, such as your birthday or pet’s name, as this information is readily available with the advent of online and social media use. McAfee recommends using combinations of dictionary words that aren’t related to each other (but makes sense to you for easy recall).
No matter how your clients handle their cyber security prevention strategies, it’s imperative that they have the right Privacy and Network Security insurance policy in place, to protect themselves financially should they be affected by a data breach; even a small one can be financially devastating. At PL Risk Advisors, we understand the valuable information that your clients are trusted with. Storing personally identifiable information on clients and employees could open up a company to data breaches, identity theft, and unauthorized use of confidential information. To learn more about our Privacy and Network Security Products, please contact us today at (855) 403-5982.