One of the world’s leading security experts, Troy Hunt, announced yesterday that a record 773 million unique email address and password combinations had been released publicly by hackers. If you want to read all the technical details, you can find that information here.
As a public service, Troy manages the https://haveibeenpwned.com website which records and makes breached passwords searchable so you can check if any of your accounts have been compromised, and when it was detected.
What should you do?
Check your email address and password!
- Don’t panic like the guy up there ^^
- Go to https://haveibeenpwned.com and enter your email address to see if it has been breached, and when the breach was detected. Keep in mind that the breach may not be the password for your email address, but the password for other services where you use your email address to log in (this could include your website).
- If your email address is found in any breaches, then it’s time to start thinking about changing passwords.
- You can do a secure password search at https://haveibeenpwned.com/Passwords to see if your passwords are in the database.
- If your email address and/or passwords come up in either of those searches, then think about everywhere you use or have used that combination and go change them ASAP.
I recommend using a password management tool like LastPass or 1Password. I personally use LastPass, but 1Password integrates with haveibeenpwned.com to automatically notify you if any of your passwords have been compromised.
Need some help?
If you have multiple users on your business domain name and it is managed by TerraMedia, I can run a domain level check for you. This will give you a list of the email addresses that have been impacted so you can proactively ensure everyone in your business is secured. You will also receive a notification immediately in the event that email addresses on your domain name are part of any future data breaches. Please get in touch for pricing on this service.
Need advice on improving your business security?
Many tools are available to help improve security. Using a password management tool that facilitates having unique, strong passwords for every account you log into is just one way to be more secure. You might also consider 2 Factor Authentication on sites where it is available, as well as biometric security on easily stolen devices like phones and tablets.