50 million customers – that’s the latest on the LivingSocial cyber attack. The site, which offers daily deals, took a hard hit this past week and as a result, more than 50 million customer accounts was left vulnerable, ready for the hackers to lay waste. The information that was compromised includes names, emails, birthdates and encrypted passwords. Could there be more? It’s not yet known, but so far, it looks as though it might have been contained. Financial and credit card information was not accessed, according to the company, but as we’ve learned in recent years, that’s never a sure thing. Are there more attacks like these in the making?
LivingSocial Cyber Attack
The massive online powerhouse, Amazon, which owns a 29% stake in the company, notified its customers on its home page to change their passwords as an added precaution,
We are actively working with law enforcement to investigate this issue,
Chief Executive Tim O’Shaughnessy said in an internal email. There’s been no word, though, on how far the investigation has come as of Monday morning.
If this were an isolated case, the LivingSocial cyber attack might be receiving a different degree of coverage, but unfortunately, it’s only the latest in a growing list of high profile hacks and attacks. In the past few weeks, Twitter has taken massive hits while banks and credit card companies have been hit consistently over the past seven or eight months, including American Express and nearly all of the big banks in the country. LinkedIn has also taken a few hits.
One group, Privacy4Patriots, has its theories and says the attack was possible because so many of us use the same passwords with all of our accounts and that one way we can each protect our own information is by using a “variety of passwords for different accounts”. Hackers learned long ago that human nature is quite powerful and that most of us use the same password for convenience. They can utilize recently-gained passwords to attempt to hack into other accounts – and they’re successful in an alarming number of cases.
Privacy4Patriots is preparing to release a new report on how we can protect our privacy, especially for those of us who bank, shop and pay bills online. They offer three substantial ways to ensure our information is safer. Hint: don’t use the same password for your MasterCard and Facebook accounts. These are just the three big ways, there are a host of other steps you can take to ensure you don’t become the next victim.
Per Privacy4Patriots, here are the “big 3”
Passwords – this is by far one of the biggest ways folks are hacked. Too often, we use simple passwords and hackers take advantage of. They have tools that cycle through the top 500 most commonly used passwords. To be safe, choose longer and more complicated passwords. Your email account is often the gateway to everything else in your life, so a password should be strong enough to prevent entry. Use both upper and lower case letters, plus numbers and symbols. Also, it’s very important to use different passwords for different accounts. If hackers figure out a password to one account, they will try it on others. This is especially true with any accounts that include your credit card information or banking numbers.
Security Questions – it’s becoming more routine for hackers to actually conduct research on their targets. It makes you wonder how much of a role this played in the LivingSocial cyber attack. They’ll plunder through the social networking sites, including Facebook, Twitter and LinkedIn and then they take what they’ve learned to the email providers – Yahoo, Google, etc. They’ll request the recover password feature and then attempt to change the passwords by using the information for security questions: “Where was your first school?” If they’re able to discern you attended a school in Bangor Maine, they can hone in on those answers. Places of birth, names of pets – it’s all viable information used to freeze you out of your account. To prevent this, it’s recommended to choose the most obscure and difficult security questions to answer, use fake answers to those questions, and make those answers very difficult to guess. This is one more reason why all of your social media privacy settings should be set to high.
Sharing Information – we’ve known this for years, but it’s good to state the obvious from time to time: take great caution in who you share information, including your email address, with. Handing an email address out to anyone and everyone can be an invitation to be hacked. If your email address is email@example.com, they can then attempt to hack it for your billing information, including your credit card numbers. Also, consider using disposable email accounts. This can help protect your identity as well.
Keep in mind, hackers are seemingly popping up everywhere. Already, the hacker group that penetrated all of the American bank sites have promised to step up their attacks and even though they began with denial of service attacks that were designed to be more of an inconvenience than anything else, at any time, they can graduate to the types of attacks that glean millions of credit card numbers, expiration dates and even the three digit security codes on the backs of those credit cards.
Finally, and as always, keep your virus scans current. These can be your first best barrier to prevent hacking and scamming. If you feel like any of your accounts have been compromised, don’t run with the idea of, “well, I never use this account anyway”. You can be sure that is just the first step a hacker uses to get into those accounts you do use often, especially if you are using the same passwords across the board. It’s better to be proactive instead of reactive. It can save a lot of problems, including the need to have new credit cards and debit cards re-issued. Report any suspicious behavior before the company contacts you.
Have you been the victim of cyberfraud? Ever had your information stolen? If so, what kind of measures did you take to ensure it never happened again? Share your story with us and our readers.