Experts say there are relatively simple ways to keep personal information safe on-line, in the wake of what’s beeing called the biggest security breach ever. The massive breach was revealed this week by Milwaukee-based Hold Securities – 1.2 billion usernames and passwords belonging to more than 500 million e-mail addresses.
Madison College information security instructor Mike Masino said Russian hackers likely worked for months to make the breach, by building off of user accounts they’d already gathered. “They just attacked a ton of sites at the same time, then once they compromised the sites they used that to compromise the users on that site. It had kind of a domino effect,” Masino said.
Masino said “this kind of stuff goes on all the time,” but what’s making news is the sheer size of the breach. Hold Securities said the stolen information came from more than 420,000 thousand websites. Masino said that’s yet another reminder to keep changing out on-line user names passwords.
“If they steal millions of user names and passwords, it’s going to take them awhile to go through that list and explot all those,” he explained. “If you’re changing your password every two months or three months, you’ve just reduced your window that they have to use your information down to that amount of time.”
“Consumers who may have used the same username and password for their online financial accounts as they used for other online websites should consider changing those,” said Rose Oswald Poels, president/CEO of the Wisconsin Bankers Association. “Although initial reports say that financial institutions were not the target of the hackers who stole 1.2 billion passwords from over 420,000 websites, consumers tend to use the same username and passwords for multiple accounts. This potentially leaves them vulnerable to unauthorized access to their funds.”
Poels also urged consumers to be vigilant and review their accounts for any suspicious or unauthorized activity.