Privacy Tip #405 – Compromised Passwords Continue to Provide Easy Opportunities for Threat Actors
Thursday, July 11, 2024
Compromised Passwords Continue to be Targeted by Threat Actors
Print Mail Download info_icon_img/>i

Verizon’s 2024 Data Breach Report, a must-read publication, was published on May 1, 2024. The report indicates that “Over the past 10 years, the use of stolen credentials has appeared in almost one-third (31%) of all breaches…”

Stolen credentials mean a user has given their username and password to a threat actor. When that happens, the threat actor has complete authenticated, unfettered access to all of the data the user has access to in the system. The result is that the threat actor can access data without being detected by tools put in place to detect malicious intrusions. This is a nightmare for organizations. Compromised passwords are an issue because threat actors gather and use them in brute-force attacks. When a user’s password is compromised, if the user has used that password on any other platform, it gives threat actors an easy way to get into any account for which the user has used that password. That is why we always tell users not to use the same password across platforms.

It is important to change passwords frequently and to follow your organization’s procedure for changing passwords. It is also crucial not to use the same password across different platforms.

A recent article by Cybernews shows how vital this mantra is. According to the article, “Cybernews researchers discovered what appears to be the largest password compilation with a staggering 9,948,575,739 unique plaintext passwords. The file with the data, titled rockyou2024.txt, was posted on July 4th by forum user ObamaCare.” The passwords came from a mix of old and new data breaches.”

Apparently, the threat actors compiled “real-world passwords used by individuals all over the world. Revealing that many passwords for threat actors substantially heightens the risk of credential stuffing attacks.”

Cybernews further states that it believes “that attackers can utilize the ten-billion-strong RockYou2024 compilation to target any system that isn’t protected against brute-force attacks. This includes everything from online and offline services to internet-facing cameras and industrial hardware.”

Here are the recommendations from Cybernews:

The Cybernews research team advises to:

  • Immediately reset the passwords for all accounts associated with the leaked passwords. It is strongly recommended to select strong, unique passwords that are not reused across multiple platforms.
  • Enable multi-factor authentication (MFA) wherever possible. This enhances security by requiring additional verification beyond a password.
  • Utilize password manager software to securely generate and store complex passwords. Password managers mitigate the risk of password reuse across different accounts.
Copyright © 2024 Robinson & Cole LLP. All rights reserved.

Current Public Notices

Current Legal Analysis

Australia-China Cross-Border Commercial Disputes – Where Should They be Resolved?
by: Carl Hinze , Mitchell Riggs
Mintz IRA Update — IRA Litigation Update: Courts Begin to Address Legal Challenges to the Medicare Drug Price Negotiation Program
by: Xavier G. Hardy
Mintz IRA Update — The Consequences and Costs of Redesigning the Part D Program
by: Tara E. Dwyer , Lauren M. Moldawer
Potential Impact of the FTC’s Noncompete Ban on Employee Benefits and Executive Compensation
by: Taylor Bracewell
D.C. Circuit Strikes Down Board’s Mail Election Ruling for Lack of Justification
by: Joshua S. Fox , Larenz D. Jones
No Surprises Here! Divergent Court Rulings Spotlight Ongoing Challenges in No Surprises Act Implementation; Tee Up Split in Authority on Award Enforcement Mechanisms
by: D. Austin Rettew , Vinay Kohli

More from Robinson & Cole LLP

Upcoming Legal Education Events

 

NLR Logo

We collaborate with the world's leading lawyers to deliver news tailored for you. Sign Up to receive our free e-Newsbulletins

 

Sign Up for e-NewsBulletins