Users of hacked online services at greater risk

display

Helsinki (dpa) - Users of online services with a data leak are exposed to a much higher risk of personally becoming a victim of a cyber attack.

The probability is three times as high as that of other users whose data was not leaked, according to a study by the Finnish security company F-Secure.

"Often users use identical or very similar access data for different services," said security advisor Laura Kankaala of the German press agency on the occasion of "Safer Internet Day".

The starting point is huge databases with personal data that were captured by hackers in companies through a break-in.

Sometimes, however, the data is simply unprotected in the network because the operators have not protected their databases from unauthorized access from outside.

“The attackers then take this list of usernames, email addresses and passwords and try them out on a number of popular services.

You can check fully automatically where these credentials work. "

display

60 percent of users whose data is stolen and often sold on the black market were themselves affected by cyber crimes - compared to only 22 percent from the group of those whose data was not “leaked” from online services through data leaks.

The stolen access information circulating online includes, for example, data from huge break-ins at Yahoo or Adobe in 2013, but also current incidents such as the break-in at the software company Nitro (gonitro.com), which alone has an estimated 87 million data records were stolen.

Kankaala recommended using different passwords for different services, which should consist of at least twelve characters - including letters, numbers and special characters.

"Since nobody can remember that, I recommend using password managers like KeePass".

display

Prof. Christoph Meinel, Director of the Hasso Plattner Institute (HPI), referred to the HPI Identity Leak Checker.

There, users can check whether their personal identity data has already been published on the Internet.

To date, more than 15.3 million users have had the security of their data checked with it.

In more than 3.6 million cases, users had to be informed that their e-mail address was publicly accessible in connection with other personal data on the Internet.

© dpa-infocom, dpa: 210209-99-363052 / 2

F-Secure Study "The Walking Breached"

HPI Identity Leak Cecker