Breaches happen all of the time. While none of us can control how other companies protect our data, we can do plenty to protect ourselves. The first recommended action after a breach is for customers to immediately change their account passwords. Those stolen passwords are just as valuable to cybercriminals as social security numbers and credit scores, if not more so. Why? Because passwords create the gateway to personal and work accounts. When they’re compromised, bad actors can take over those accounts, posing as the legitimate owner – accessing sensitive corporate and personal data, draining accounts, and even setting up new accounts and loans, taking identity theft to a new level.
Since few of us can remember a complex, unique password for every work and personal account we own, it’s easy to become complacent. Unless you or your employees have ever experienced account takeover, you may assume your chances are slim. Not so. Stolen passwords are the number one tactic used by criminals to hack accounts, nearly 20 percent more than malware.
So, what can you do to protect your accounts and your employees’ accounts in order to prevent account takeover? We’ll give you 5 steps to keep accounts safe, even when the breach was completely out of your control.
5 Steps to Remediate a Password Exposure
The key to any password compromise is to find it early. The longer the exposed password is in use or active (even if it is assigned to an unused account), the greater the chance it will be used against you or your company. Fortunately, enterprise software exists to continually and automatically monitor active accounts, such as those in Active Directory, and compare those accounts against a database of known breaches. If any credentials match a breached record, it flags the affected account and immediately notifies security leaders of the exposed email address and associated domain.
Administrators can log into the system to drill into the details of the exposure, including the breach date, the type of breach, the affected service or website, and whether the credentials are already on the underground market. Once the compromise is discovered, the following 5 steps will ensure the criminals don’t continue their attack on that account.
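The monitoring loop described above, reduced to its essentials, as an added example that is not the vendor software the post refers to. It assumes the directory hands the checker a SHA-1 hash of each account's current password (real products compare whatever hash format the directory stores; SHA-1 is used here only so the k-anonymity prefix lookup is easy to follow). The breach corpus, the account list, and the breach metadata are all constructed sample data, not real breach records.

```python
import hashlib
from dataclasses import dataclass


def sha1_hex(password: str) -> str:
    """SHA-1 of a password, upper-case hex (the comparison key used throughout)."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


# Constructed breach corpus: full password hash -> details of the breach it came
# from. A real deployment would load this from a breach-data feed, never from
# plaintext; plaintext appears here only so the sample is readable.
_BREACH_CORPUS = {
    sha1_hex("Summer2023!"): {"source": "example-shop-2023", "date": "2023-06-14", "on_market": True},
    sha1_hex("password123"): {"source": "example-forum-2019", "date": "2019-03-02", "on_market": True},
    sha1_hex("letmein"): {"source": "example-mail-2017", "date": "2017-11-20", "on_market": False},
}


def range_query(prefix5: str) -> dict:
    """k-anonymity style lookup: the caller sends only the first 5 hex characters of
    a hash and receives every suffix in that bucket, so the full hash of a live
    password never leaves the caller."""
    return {h[5:]: meta for h, meta in _BREACH_CORPUS.items() if h[:5] == prefix5}


@dataclass
class Exposure:
    email: str
    domain: str
    source: str
    breach_date: str
    on_underground_market: bool


def check_accounts(accounts: dict) -> list:
    """accounts maps email -> SHA-1 hex of the account's current password (assumed
    directory export). Returns one Exposure per account whose hash is in the corpus."""
    exposures = []
    for email, pw_hash in accounts.items():
        full = pw_hash.upper()
        bucket = range_query(full[:5])          # only the prefix is sent out
        meta = bucket.get(full[5:])             # suffix match is done locally
        if meta is not None:
            exposures.append(Exposure(
                email=email,
                domain=email.split("@", 1)[1],
                source=meta["source"],
                breach_date=meta["date"],
                on_underground_market=meta["on_market"],
            ))
    return exposures


def notifications(exposures: list) -> list:
    """Render the alert text a security lead would receive: exposed address, domain,
    breach source and date, and whether the credential is already being traded."""
    lines = []
    for e in exposures:
        market = "already on underground market" if e.on_underground_market else "not yet seen on market"
        lines.append(f"EXPOSED {e.email} (domain {e.domain}) in {e.source} on {e.breach_date}; {market}")
    return lines


if __name__ == "__main__":
    # Constructed directory export: alice reused a breached password, bob did not.
    sample = {
        "alice@example.com": sha1_hex("Summer2023!"),
        "bob@example.com": sha1_hex("x9#Lq!vT2pWz$8rN"),
    }
    for line in notifications(check_accounts(sample)):
        print(line)
```

Run on a schedule against a fresh directory export and a current breach feed; a match should open a ticket that drives Step 1 below, since the value of the check is entirely in how quickly the flagged password is rotated.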
Step 1: Change the Password Immediately
Cybercriminals act fast. They know the clock is ticking from the moment credentials are stolen. They use sophisticated technology and bots to compare the password against thousands of common websites and apps. By changing the exposed password the moment a breach is discovered, you remove any potential that the compromised password can access any personal or work data.
Experts highly recommend using complex passwords that are unique for every account. Using the same password on multiple accounts or reusing an old password is extremely risky. It’s worth the effort to establish unique passwords for every account and make them as complex as possible. See Step 5 for the best way to accomplish this.