Sharing personal information plays part in Neiman Marcus hack
Data that you share on social media could end up for sale on the Dark Web.
Adjust your privacy settings on social networks. You never know who may be watching!
The luxury retailer Neiman Marcus is the latest victim of a data breach. At the end of January, Neiman Marcus notified their online customers that unauthorized individuals attempted to access customer's online accounts by trying various login and password combinations using automated attacks. The hackers were able to accurately guess the username and password combinations and access some online accounts. Neiman Marcus reported that only a small number of these accounts were used to make unauthorized purchases.
Personal information shared on social sites combined with Personally Identifiable Information (PII) and username and passwords for sale on the Dark Web, are making data breaches of this type more common. Cybercrooks, terrorists, and nation states buy information from shady sites, then use it to break into banks, launder money, or make trouble for big U.S. companies like Neiman Marcus Group.
"These bad guys are assembling portfolios of individuals," said Avivah Litan, an analyst at Gartner in an interview with DataBreachToday about the breach. "They've got a big database of American citizens and all the data associated with their identity, and lots of different people are buying up this data on the Dark Web. And they're using this data to get to their targets."
Responsibility for customer safety belongs heavily with the organization. They should encrypt any customer contact information and use stronger authentication methods than just a username and password. But, we as consumers make the hacker's job easier by using the same username and password on multiple accounts. Once one set of credentials is compromised, then hackers will test them to get access to other websites.
We can take steps that make it harder for a cybercrook to gather information on us and break into our accounts.
Clean up those passwords
One of the simplest ways to protect yourself against online threats is to use strong passwords for each of your accounts. Passwords manager from Avast can help you manage passwords for multiple accounts across the web and create encrypted, strong, unique passwords. Every Avast Antivirus customer can use this feature for free.
Avoid oversharing on social sites
Social media is fertile ground for cybercrooks to gather personal information. Sharing something seemingly innocent like your dog's name, your birthday, or your mother's maiden name can give insightful crooks the answers to security questions of your bank account. Put that together with PII and they're in.
Learn about the latest breaches, the biggest breaches, and what you can do to keep yourself and your information protected with our Avast Data Breach Survival Guide.
On May 2, celebrate World Password Day by leveling up the strength and complexity of these most critical of security measures — your passwords.