Breaches happen all the time. While none of us can control how other companies protect our data, we can do plenty to protect ourselves.
Our first recommended action after a breach is for the exposed users to immediately change their password for that account – and for any other accounts that are protected by the same (or a similar) password. With an attack type called credential stuffing, one reused password can give criminals an open door to your other accounts. When your password is compromised, bad actors can take over your account, posing as the legitimate owner – accessing sensitive personal data, draining accounts, and making fraudulent purchases.
In the case of an account takeover of a corporate account, the criminal may be able to steal data that facilitates additional attacks, including ransomware, against the enterprise.
Since few of us can remember a complex, unique password for every account we own, it’s easy to become complacent, but that just encourages bad actors. They already have so much to work with: last year alone, SpyCloud recaptured 1.7 billion credentials exposed in data breaches and being sold or traded on the darknet. Additionally, we found a staggering number of corporate email addresses and plaintext passwords in our dataset – 27.36 million pairs of credentials associated with Fortune 1000 employees.
With everyone relying on digital identities now more than ever, cybercriminals have a lot more opportunity to profit from passwords and identity data exposed in breaches. The key is to act quickly after an exposure so you shut down their ability to profit from that stolen data.
My Corporate Credentials Were Exposed In a Data Breach – Now What?
Here are five steps to keep accounts safe if your password is found in a data breach.
Change the Exposed Password Immediately
Cybercriminals act fast. They know the clock is ticking from the moment credentials are stolen, and they use automated tooling and bots to try the stolen username and password against thousands of popular websites and apps (credential stuffing). By changing the exposed password the moment a breach is discovered, you minimize the window in which the criminal can use it to reach your personal or work data.
Experts highly recommend using complex passwords that are unique for every account. Using the same password on multiple accounts or reusing an old password is extremely risky. Check out SpyCloud’s tips for strong passwords for more recommendations on how to create unique, complex passwords that enhance your password hygiene.
Change All Variations of the Compromised Password
When people are prompted to change their passwords, most simply change a character or two. This may seem like a good idea and make the new password easier to remember, but cybercriminals expect it. Cracking tools take a leaked password and run it through mangling rules – capitalize a letter, swap letters for look-alike digits, bump a trailing number, append a year or a “!” – and test every variant, so a password that differs from the leaked one by a character or two is recovered almost immediately, even if it was changed recently. By contrast, our research shows that cracking a long, random password that shares nothing with a leaked one can take decades even with ample computing power.
Be sure all variations of the compromised password are changed, and never use that compromised password or a variation of it again. Cybercriminals know users often return to old passwords, and they will keep running that password and its variants through their systems for years.
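To make the variant problem concrete, here is an added example (my own illustration, not SpyCloud’s tooling) of the kind of check an enterprise can run when a user picks a replacement password: it rejects candidates that are within a couple of edits of the compromised password or that reduce to the same core word once the usual decorations (case, trailing year or symbols, leet substitutions) are stripped. The leet map, the “2+ character decoration” heuristic and the distance thresholds are assumptions chosen for illustration, not a published standard.

```python
import re

# Character substitutions a mangling rule set would undo; an assumed, partial map.
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})


def levenshtein(a: str, b: str) -> int:
    """Edit distance: minimum single-character inserts/deletes/substitutions turning a into b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # delete ca
                           cur[j - 1] + 1,              # insert cb
                           prev[j - 1] + (ca != cb)))   # substitute
        prev = cur
    return prev[-1]


def normalize(pw: str) -> str:
    """Reduce a password to its core word the way an attacker's rules would:
    lowercase, drop a run of 2+ digits/symbols at either end (years, '!!'),
    undo leet substitutions, then keep only letters.  Heuristic, assumed here."""
    core = pw.lower()
    core = re.sub(r"^[^a-z]{2,}|[^a-z]{2,}$", "", core)
    core = core.translate(LEET)
    return re.sub(r"[^a-z]", "", core)


def is_variant(candidate: str, compromised: str,
               max_distance: int = 2, min_core: int = 5) -> bool:
    """True if candidate is the compromised password or a cheap mangling of it."""
    if candidate == compromised:
        return True
    # Case-insensitive edit distance catches "Summer2023!" -> "Summer2024!"
    if levenshtein(candidate.lower(), compromised.lower()) <= max_distance:
        return True
    n, o = normalize(candidate), normalize(compromised)
    # Only compare core words that are long enough to be meaningful
    if len(n) >= min_core and len(o) >= min_core:
        if n in o or o in n or levenshtein(n, o) <= max_distance:
            return True
    return False


def check_new_password(candidate: str, compromised_passwords: list,
                       min_length: int = 12) -> list:
    """Return reasons to reject the candidate; an empty list means it is acceptable."""
    reasons = []
    if len(candidate) < min_length:
        reasons.append(f"shorter than {min_length} characters")
    for old in compromised_passwords:
        if is_variant(candidate, old):
            reasons.append("matches or is a variant of a compromised password")
            break
    return reasons


if __name__ == "__main__":
    # Constructed sample data: one leaked password and a few attempted replacements.
    leaked = ["Summer2023!"]
    for attempt in ["Summer2024!", "5umm3r!!2025", "SummerTime2023!",
                    "correct horse battery staple"]:
        print(f"{attempt!r} -> {check_new_password(attempt, leaked) or 'ok'}")
```

Only the last candidate passes; the first three are exactly the “change a character or two” replacements the paragraph above warns about. In production the compromised list would come from the breach data itself, and the comparison should be done against hashed or normalized forms that are never logged.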
Enable Multi-Factor Authentication
Whenever it is offered, we recommend using multi-factor authentication (MFA). It is not foolproof, but it adds another layer of security and is typically enough of a deterrent for all but the most persistent criminals. MFA adds a second proof of identity on accounts that support it, usually by prompting the user to approve a push notification or to enter a short-lived one-time code generated by an authenticator app on their mobile device.
Even if a cybercriminal obtains the credentials, they cannot get into the associated account without also supplying that second factor. If the only MFA the account offers is secret answers to security questions, make up the answers! Don’t use real information; it is fairly easy to piece together from public records or platforms like social media. Store your (fake) secret answers in your password manager. Speaking of…
Implement a Password Manager
One of the best ways to protect your passwords is to use a password manager. Password managers generate long, random passwords that are infeasible for criminals to guess or crack, and they make it practical to use a different one for every account. Employees should be required to use a password manager for their work-related accounts (and should extend its use to their personal accounts!).
Check Your Darknet Exposure
It doesn’t appear that data breaches are slowing down. In 2022 there were 1,802 publicly reported data breaches that impacted 422.1 million people. With each breach, credentials are exposed that put corporate and personal accounts at risk. Understanding your darknet exposure, and then taking the necessary steps to protect yourself and your enterprise, are the first steps to securing yourself from cyberattacks.
Use SpyCloud’s Check Your Exposure tool to learn what cybercriminals know about you and your organization.
With over 325 billion recaptured breach and malware assets, SpyCloud gives you visibility into your corporate and personal exposure, and offers businesses automated solutions to detect exposed passwords, malware infections, stolen session cookies, and at-risk cloud and shadow IT applications that are open doors for criminals.