A recent security breach at Adobe put millions of user accounts, encrypted passwords and email addresses in the hands of hackers. But according to Ammon Bartram of SocialCam, what was “even more disturbing was the number of people who used the same password for their bank accounts, email, Facebook and home garage door codes as a password on the Adobe website. Some even used their Social Security numbers as passwords.” Plus, in a survey last year we found that 61% of consumers reuse passwords across multiple websites.
So why is password reuse one of the most alarming parts of the Adobe breach?
If you use the same account credentials across websites, when those credentials are compromised for one website, they will also be compromised for the others. With readily available technologies, hackers can easily determine for which sites you reuse those credentials. This puts you and those third party websites at additional risk. Thus, a breach can affect more than just the initial company and their customers; the impact can spread like wildfire.
PandoDaily is calling the Adobe breach the “security breach heard ‘round the world.” In fact, many third party website are taking action secure their own customers and their own sites. For instance, EventBrite sent notices to their users encouraging them to check if their email addresses were on Adobe’s list, and to change their EventBrite passwords no matter what. Facebook, too, took action. “Facebook users who used the same email and password combinations at both Facebook and Adobe’s site are being asked to change their password and to answer some additional security questions,” according to notable security expert Brian Krebs.
As a business owner or employer, take note of what these companies are doing, and consider reaching out to your customers and employees as well. For advice on creating secure passwords, see our white paper, webinar and infographic on the topic.
Do you ever reuse credentials across websites? Have you seen any other companies taking action to protect their own customers in wake of Adobe breach? Let us know what you think! As always, join the conversation on Twitter and Facebook.