This month, one data breach released over 26 Billion records. Some were new, some were the “best of” old breaches, but they include major name brands and probably impacted you. Do you have accounts with any of these services?
If you ever created an account at any of the websites or services above, change your password now. Perhaps more importantly, if you re-used the password from one of the services above at another website, change that password now, too.
Credential Stuffing is a very common type of attack where a criminal discovers someone’s username/password at a website and then immediately tries that same credential at many other sites, including banks, retirement funds, retailers, etc. Even when your bank itself isn’t hacked, if you used the same credentials there as a site that was hacked, criminals can access your data and steal your money. Credential stuffing is a powerful attack tool that can easily be mitigated by using a unique password at every website and enabling multifactor authentication wherever possible.
Too many passwords to remember? Congratulations, you’re human. Try Pegasus Vault or another trusted password manager so you don’t have to remember or even create a secure password for every site and service you use.
