Account Credentials Are Hot Hacker Commodity
Just last week, videogame maker Ubisoft reset millions of account holder passwords after attackers gained access to its online network. An unpredictable fluke? Not really. In the 2013 Verizon Data Breach Investigations Report, the study found one glaring commonality among the hundreds of data breaches it examined. Financially motivated cybercriminals, hacktivists and nation-state driven attackers out to steak corporate data all sought and used stolen account credentials to gain access to systems containing sensitive information. There was no need to exploit a vulnerability or carry out a multi-pronged, sophisticated cyberattack. In nearly every breach, attackers used stolen account credentials to pose as valid users on the network to avoid triggering the security systems in place. The following massive password breaches highlight the need for stronger passwords, the use of password management tools and two-factor authentication.