A leaked account by a random website – maybe even one for personal use, outside the office – can still give hackers a way in when the employee uses the same password everywhere. That’s why any password reuse by any employee can put a company in jeopardy. Many people don’t change passwords even when data breaches are publicized. Security breaches may go undetected for months, or even years. From there, the hackers can escalate privileges and expand their access within the company’s network.
They then use automated tools to start testing those credentials or carry out targeted attacks.įor example, if they know the LinkedIn password of the CEO of a specific company, they’ll start trying the same password to break into the CEO’s corporate email account. Hackers simply obtain the list of leaked credentials, often on the dark web. Large-scale breaches - like the LinkedIn breach in 2012 of 170 million credentials - can have long-lasting and devastating security effects. It’s a lot easier than you think for hackers to use stolen passwords to gain corporate networks and accounts access. But another critical takeaway is that sometimes, mundane things like a leaked password can be a company’s Achilles heel. In the cybersecurity community, the breach has raised questions about data security, privacy and surveillance. It was an “easy” hack : they tried the credentials, they were valid, and the hackers unlocked access to a sensitive data trove. In interviews, the hackers admitted that they stumbled across an admin username and password on the web. The “hacktivists” had access to live camera feeds of nearly 150,000 security cameras from some 24,000 customers, along with internal financial documents, customer lists, and the complete database of camera recordings.Īffected customers included “schools, offices, gyms, banks, health clinics and county jails churches, volunteer fire departments, hotels, sports bars, rehabilitation centers and children’s foster-care homes, as well as major tech companies such as Cloudflare” and Tesla, according to the Washington Post. This week, news broke that hackers infiltrated Verkada, a Silicon Valley security company specializing in camera systems.
0 kommentar(er)
