Data breaches where user credentials have been stolen and leaked online are all too common, and the aftermath follows the same pattern. The Service Provider will investigate, invalidate the affected login credentials and require users to reset passwords. But, what happens when credentials are stolen from applications that are no longer in use in your organisation, applications that were probably long abandoned? There's no action required and no need to be concerned, right?
“The password you have entered isn’t correct. Please try again.”
A message that doesn’t fail to cause a sinking feeling in even the strongest of stomachs.
One of our highly-regulated customers, Betsson Group, will take to the stage at InfoSec 16 this week to explain the business benefits realised by using My1Login to solve security and compliance challenges.
The Original Hack
On the 5th June 2012, it was reported that 6.5 million LinkedIn usernames and passwords had been stolen by Russian ‘black hat’ hackers. The passwords were hashed with SHA-1, but a salt was not used - a weak practice that LinkedIn have since changed.
For the fourth year in a row, My1Login will be exhibiting at InfoSecurity Europe 2016. It's Europe's number one information security event and is being held at the Olympia, London from 7th - 9th June. We're looking forward to welcoming old and new faces to Stand B285!
As well as exhibiting, we’ve got something exciting happening for us at this year’s event:
Another Day, Another Hack?
That’s how it seems at least. We posted last year about entering an open season on hacking; hackers didn’t discriminate, anyone from Sony right down to a country pub were targeted by hackers for any number of reasons and it doesn’t seem to be showing signs of stopping. If anything, hacking is becoming even more prevalent, despite companies being more aware of the threat. The latest high profile target; UserVoice.
Every IT Department worth their salt has a password policy that their employees are required to adhere to. In reality though, your password policy is broken and it won't keep your company secure...
After a year that was full to the brim with high profile enterprise data breaches, it’s unsurprising that password security is a hot topic as we venture through 2016.
There’s been a number of announcements from enterprise organisations in the last few months about new, innovative ways they intend to replace passwords and better-secure customer accounts, without compromising ease of access.
It’s common knowledge that employees are the weakest link in corporate security, with their poor practices being responsible for 65% of the causes of data breaches. However, a study by Absolute has found it’s actually a subset of users, Millennials, who are the worst offenders and pose the greatest risk to your organisation.
2015 was a bumper year for data breaches, with 475 million records being stolen across the most-severe 200 hacks. TalkTalk, Ashley Madison, Carphone Warehouse, Rakuten & LINE Corp all hit the headlines for high-profile data breaches. Most hacks don’t make the news, but with a whopping 30,000 websites being attacked everyday, it’s imperative that the level of security assurance in your organisation is sufficient to mitigate the risks.