Best Practices for Notifying Consumers of a Third-Party Breach
It’s no longer a question of ‘if,’ but ‘when.’
Your consumers will reuse passwords, and those passwords will be exposed in a third-party data breach.
As soon as reused passwords become available to cybercriminals, your consumers are at high risk of account takeover fraud, which can result in substantial losses for you and for your consumers.
By monitoring your consumers’ credentials and resetting exposed passwords, you can help prevent account takeover and reduce online fraud. However, the language you use to notify them that their passwords must be reset requires careful consideration. Informing affected users that their credentials have been exposed on the criminal underground can encourage them to choose strong, unique passwords and protect any other accounts that share the same login information. On the other hand, some consumers may wonder how you located their information on the ‘dark web’ in the first place and where it was exposed.
Download our best practices guide to learn:
- How to prompt users to change compromised passwords without introducing friction
- Why you should take care to consider the right level of transparency for your organization
- What an effective consumer notification looks like
Solution:
Account Takeover Prevention
Reset stolen passwords before criminals can use them to defraud your users.
Related Resources
SpyCloud Named 2020 Gartner Cool Vendor in Identity Access Management and Fraud Detection
See Gartner’s analysis of the IAM & Fraud Detection market and why SpyCloud received the Cool Vendor recognition.
Real or Synthetic? Introducing SpyCloud Identity Risk Engine
On-Demand Webinar: A detailed look at how Identity Risk Engine turns recaptured data into a clear fraud signal that complements your existing control framework.
The Fraudacity of Cybercriminals: How 15.5B Recaptured Data Assets Shine a Light on the Criminal Underground
On-Demand Webinar: Analysis of the 15+ billion assets we recaptured in 2021 and what we can learn from patterns we’ve observed in the criminal underground over the last 12 months.
Trusted by market leaders
With 500+ customers around the world, including half of the Fortune 10, SpyCloud is the leader in operationalizing Cybercrime Analytics to protect businesses.
We’re on a mission to make the internet a safer place by disrupting the criminal underground. Together with our customers, we aim to stop criminals from profiting off stolen data.
#1 Global
Streaming Service
#1 Global
Airline
#1 Global Software
Company
Leading
US Banks
#1 Global
Online Retailer
#1 US Crypto Exchange
Check Your Exposure
See your real-time account takeover exposure details powered by SpyCloud data.
