Search This Blog

Wednesday, May 25, 2016

Remembrance time: was your LinkedIn account caught up in the 2012 hack? will your _____ account be caught in the 2018 hack ?

It is never fun to discover that your identity has been stolen. This ZDNet article drew my attention to the recent exposure of the entire data set that was stolen on the great hack on LinkedIn that took place almost 4 years ago, on june 2012. 

Back than, in 2012, LinkedIn responded with commendable speed to that breach of security, and I remember receiving the following message on the day of the hack: 
warning email from linkedin, telling of the data breach

It is one thing to know that your data has been stolen, and another to know that it is still being a commodity. Following the article, I checked haveibeenpwned, and indeed, among other users, my identity is part of the LinkedIn hacking merchandise sold out there.... 

Still. it could have been worse. After all, the password in question was changed immediately after I received the warning. As sad as one might be about one's email being exchanged among malicious hackers. this does not change reality, it only clarifies it. 

Online existence has its prices. We have to install doors and windows in our homes if we wish to get out to the world or receive guests. We have to display an online presence if we wish to utilize the remarkable advantages of the Internet. The reminder of the existence of criminals is not a reason to be scared or to avoid things, it is just another reason to take care. 

Taking care means the following steps:
  1. Don't use the same password for different websites. I know it is hard. Don't. 
  2. Adopt a password regulation scheme, which should be especially rigorous regarding services in which you keep sensitive information. With 'rigorous' I include:
    1. password complexity;
    2. frequency of change;
    3. intelligent memorization/personal storage of your password. 

Further Reading 

No comments:

Post a Comment