You would be wrong if you thought so.
Even after hours of email security training, and articles like this one, many people still use the same passwords for their logins.
If SpyCloud's recent research is any indication, it is actually worse. They looked at data that contained 1.7 billion password and username combinations, gleaned from 755 leaky sources in 2021. According to their research, 64% of people still use the same password that was exposed in a data breach for other accounts.
Google now tells Chrome users exactly how many passwords they have saved at risk. Even though they have the information in front of them, more than half of users will not change their habits.
Because the methodology used to calculate these statistics is not exact, you should not look at them as fact. However, it doesn't really matter if the percentage is five or lower, the larger issue is the same.
Everyone is well aware of the dangers that bad passwords can pose. Everybody is well aware of the dangers associated with using the same password for multiple web properties. Yet, little is being done to change this.
It's unlikely that there will be any change in the situation until there is a financial penalty. This could come from hackers using weak passwords to financially punish those who use them or companies starting to fine them. It is a real shame that it has reached this point.
Integrated Technology Systems can help make your employees aware of the dangers of poor password management. Give us a call today to see how we can help.
Nvidia confirms a network security breach
Nvidia was one of many large corporations that have fallen prey to hacking attacks. A group of hackers calling themselves "Lapsus$", began sharing details about the attack and the damage it caused. Nvidia confirmed that the attack was carried out.
Nvidia issued a formal statement that reads, in part:
"NVIDIA was made aware of a cybersecurity attack that had a negative impact on IT resources on February 23, 2022. We immediately took steps to strengthen our network and engaged cybersecurity incident response specialists. The incident was notified by law enforcement.
We do not know of any ransomware that was used on NVIDIA's environment, or that it is connected to the Russia-Ukraine war. We are aware, however, that the threat actor has taken employee credentials and NVIDIA proprietary information from NVIDIA's systems and begun leaking it online."
There is currently no information on how many employees' credentials were stolen. It is not known what proprietary information was stolen. According to the official statement, however, it doesn't appear that any customer data was stolen. You should be cautious considering that hacking has occurred. It's a good idea to immediately change your password if you have an Nvidia account.
According to the corporate release, the investigation is still ongoing so it is possible that we will receive more information at a later date. The year is still young, and we will hear from dozens more companies that have been affected by hacking attacks.
Even with all the security measures in place, corporate network breaches are still a major problem. This is despite the fact that poor email habits and lax password usage (see above) continue to be the main cause. Although we don't know the exact mechanism by which the hackers gained access, it is likely that it was linked to one of these two.
Is your network secure? Could you be the next corporate attack? Call us today if you are not sure of the answers to these questions.
Integrated Technology Systems
6 East 45th Street, Suite 400
New York, NY 10017
212-750-5420
https://www.itsnyc.com/
