Yesterday it was reported that around 117 million LinkedIn emails and passwords from a 2012 breach were now being sold on the black market. There are 167 million accounts in the hacked database and of those, around 117 million have both emails and encrypted passwords. And just a few weeks ago news broke that more than 250 million email addresses had been hacked, including addresses from Google, Yahoo, and Microsoft. It’s believed that these stolen credentials were endangered, but the extent of the threat is not yet known. With any breach, especially when details are unclear, it’s best to take precautionary steps to ensure your accounts are safe.
Change your LinkedIn, Google, Yahoo & Microsoft passwords: The best, most secure passwords are long, unique, and random. Be sure you don’t choose a password that you’re using elsewhere; unique passwords ensure that if they’re leaked in a breach like this one, they can’t be used by hackers to get into any of your other accounts. The best option? Use a password generator to ensure the highest level of security. For LastPass users, be sure to use the Auto-Password Change feature currently available for Chrome and Safari, that will change a site’s password with a single-click. This feature currently supports 75 of the most popular websites, including LinkedIn, Yahoo & Google.
Be proactive with other passwords: Take the LastPass Security Challenge to see where you have weak, compromised, or re-used passwords. Pay special attention to any accounts where you may have reused your Google, Yahoo or Microsoft passwords. The challenge will help you take action and will even replace these passwords for you, automatically.Launch the Security Challenge
Enable two-factor authentication (2FA): With 2FA activated on your important accounts it means that even if a hacker has your password, they will not be able to access the account without having a second piece of information such as a one-time code generated from an app on your phone or a fingerprint. Two-factor is incredibly valuable for your email address, which is essentially the gateway to everything you do online, including your bank account, credit cards, investments, and much more. If you are a LastPass user, we recommend that you setup two-factor authentication on your LastPass account. Here’s how to set up 2FA for the compromised companies:
Unfortunately, what happened with LinkedIn, Google, Yahoo and Microsoft users’ passwords is becoming all too common and it’s likely we will continue to see more-and-more similar hacks in the future. Ensuring your security is tight is especially important with these ‘gateway’ accounts that offer a pathway to the rest of your life online. A breach of this magnitude can cause anxiety but these steps will help bring you peace of mind and protect your sensitive information.