Searching for that special someone to share a sweet moment with underneath the mistletoe? If you're trying your luck with different dating websites, make sure you take precautions to protect your personal information. According to a blog post by KrebsOnSecurity, online dating service Cupid Media exposed more than 42 million consumer records in January 2013.
Stealing the LoveUsers' names, email addresses, unencrypted passwords, and birthdays were all exposed in this security breach on this Australian-based dating service. Interestingly, all of this stolen data was found on the same server where cybercriminals stored scores of personal records taken from well-known sources like Adobe, PR Newswire, and the National White Collar Crime Center (NW3C).
Even though this attack happened nearly eleven months ago, Cupid Media only recently admitted publicly to the breach. The company's managing director, Andrew Bolton, claimed that they notified the affected customers and reset passwords for specific sets of user accounts. The dating service is also double-checking that all the affected accounts reset their passwords and received consequent confirming notifications. Unlike a handful of other companies, Cupid Media doesn't send their users their passwords in plain text when a password reset is requested.
Similar to the security breach on software company Adobe Systems Inc., Cupid Media didn't have to notify every account user because several are inactive. This doesn't bode well for those millions of unused accounts that the companies still have stored because their data was still stolen and leaked online.
Get Creative and Protective with PasswordsLarge security breaches like these can lead to disasters for users. Many people reuse the same passwords for different sites, which give hackers access to any websites that hold users' sensitive data, such as email inboxes.
Cupid Media's users aren't very creative in the password department. Apparently "123456" and "111111" were used as passwords well over a million times for the site. For those who decided to rely solely on letters, over 90 thousand users chose the password "iloveyou," and over 50 thousand decided on "lovely".
As entertaining and ridiculous as these passwords are, they highlight some important things to keep in mind. Make sure you create hard-to-crack passwords, and don't use the same password for more than one website. A handy tool to help you with this is a password manager, which can generate difficult passcodes; one of our favorites is LastPass 3.0. If you're tempted to put a lot of personal information online, keep in mind you're the one who has to effectively protect it.
No comments:
Post a Comment