If you haven’t already, you should change your RIT and other email account passwords right now. Last week, Hold Security found that millions of Yahoo Mail, Gmail, and Hotmail account credentials were being traded in the criminal underworld. The culprit that managed to obtain these stolen credentials is a Russian hacker, known only as “the Collector”, who seems to be offering up the information mostly for free.
The majority of stolen accounts were from Russia’s popular email service, Mail.ru. Also compromised were approximately 40 million Yahoo Mail accounts, 33 million Microsoft Hotmail accounts, and 24 million Gmail account credentials. It is still unclear whether any of these accounts have been hacked or how many of the credentials are accurate. Hacked accounts can be used to access a user’s list of contacts and wreak havoc across the web. There are also dangers of financial theft and reputational damage if these credentials belong to active accounts.
This isn’t the first time something like this has occurred. In 2014, around 5 million Gmail addresses and passwords were leaked online. According to Google, when login credentials are stolen it doesn’t necessarily mean the email service has been breached. Usernames and passwords can be stolen in a variety of ways. For example, if you reuse the same login credentials on multiple websites, when one of these websites is hacked, your credentials can be used to login to other accounts. Attackers also frequently use malware and phishing attempts to steal your usernames and passwords.
So, what should you do?
To protect yourself and your information, you should reset all passwords now. Make sure you are using a method to make your new passwords strong and hard to crack.
Do Not Repeat Passwords
Also, make sure you never use the same password for multiple accounts, especially your Gmail and RIT accounts.
Use Two-Factor Authentication
It’s also a good idea to turn on two-factor authentication for important accounts. This way, even if your credentials are compromised, a hacker needs an additional code in order to access your information.
Use a Password Manager
Create an account with a free password manager to store all your login credentials securely. Password managers allow you to create strong, random passwords which make your accounts harder to hack.