In the News
Another data breach impacts millions of accounts. In Quora Breach Hits 100 Million Users, Phil Muncaster at InfoSecurity Magazine discusses a data breach at Quora which exposed personal information and question feeds of users including passwords and email addresses. This breach is believed to be a result of credential stuffing and impacted accounts were required to create a new password.
Our Take
Any type of data breach is dangerous primarily because credential stuffing as an attack vector continues to be a successful route for attackers. With credential stuffing, attackers can gain access to data and user accounts based off of previously obtained information including names, emails, passwords, and phone numbers. This is particularly effective when individuals reuse passwords or do not implement multi-factor authentication when it is available. By creating unique passwords for every account that one has, credential stuffing can be preventable. Additionally, with question and response sites such as Quora, refraining from posting highly personal information either as a question or as a response can reduce the damage that a data breach has on your privacy.
Recommendations
How can you protect your personal information from being made vulnerable during data breaches?
- Understand the risks of putting your personal information into the world, and only share what you have to
- Never share highly confidential information such as financial or medical information through online messages, always discuss such matters in person
- Understand the legal rights and practices of companies that store your data
- Don’t reuse your account passwords, and take advantage of multi-factor authentication where possible
- Stay up to date on the news regarding recent data breaches to see if you may have been affected