In June of this year a massive hacking incident occurred that involved over 32 million accounts. According to LeakedSource, the Dark Web came into possession of the information linked to those accounts and put it up for sale. If you haven’t switched to two-factor authentication (2FA, a.k.a. TFA, or multi-factor authentication, or MFA) for your login verification, you should know that 2FA gives you the security assurance that no one else will be able to log in to a certain account except you. 2FA or MFA sends you a verification signal to your smartphone or other device which you then enter or click on, making sure that some cybercriminal opportunist isn’t sending phishing tweets on your behalf or using your stolen personally-identifiable info to set up an account or spam friends or associates in your circles.
A September LeakedSource report relates that Twitter reacted to the Dark Web sale of nearly 33 million Twitter accounts’ related personal data by locking-down the accounts of millions of people. Twitter doesn’t believe, however, that its servers were directly attacked, leading users and online security experts to believe that the cybercriminals “may have created a composite of data from other breached sources,” according to IT Specialist. Malware was likely used to extract passwords from devices, IT Specialist also contends. Facebook CEO Mark Zuckerberg was reportedly one of the Twitter hack victims, and as a result, got ridiculed by The Telegraph for reusing the password “dadada” for multiple sites.
LeakedSource says the stolen Twitter data contains 32,888,300 records, including email addresses, usernames, and passwords, and has added the information to its search engine, which is a paid platform, but lets people find out if their information was leaked for free.
Experts at LeakedSource believe that user credentials were collected via browsers like Firefox or Chrome infected by malware rather than stolen directly from Twitter, based on information in the data (which includes the fact that many of the passwords are displayed in plaintext). Many of the affected users were alleged to be in Russia (6 of the top 10 email domains represented in the database are Russian, including mail.ru and yandex.ru).
Steps to Remedy the Twitter Hack
The end-result of the Twitter cyber breach has been tens of millions of people being inconvenienced by having to reset their passwords (though it ends up being for the better). Those who haven’t done so should get the Twitter account set-up featuring two-factor authentication. Here are some further tips to prevent password/login-oriented cyber-theft:
- Sign up for as many accounts as possible that feature the 2FA option, so every login is accounted for using two-factor authentication.
- Make all your passwords for all accounts unique, strong, and longer than 8 characters.
- Don’t use anything familiar to you, such as proper names, or even dictionary words.
- Encrypt all your passwords, either using a strong password generator, or DIY it.
- Get creative with encryption, using names in reverse, mixed with numbers and symbols.
- Never use ordinary words found in the dictionary for passwords.
Additional Data and Login Security Assistance
By taking these prescribed steps to securing your account through better login verification (2FA), you will keep your data safe from cyber-crooks. You can also speak to an IT expert about login and password safety and security at Colorado Computer Support, which is a proven leader in providing IT consulting and cybersecurity in Colorado Springs. Contact a representative at 719.439.0599 or send us an email at firstname.lastname@example.org today, and we can help you with all your password/login security questions or needs.