Request a Dark Web Report

How are Passwords Predictable?

Consider the number of websites, applications, systems, social media sites you use on a daily basis that requires you to enter a username and password. Everyone knows individual passwords are common and rarely change beyond a handful of complex and probable variations.

For example, a person could use “password1234” or “name2017” in one instance, and when a new password policy is enforced they might change it to “Password1234” or “Name2017”. Get it? You would be surprised how many times we’ve discovered users passwords to be “password” or “name”. Even when a user uses some upper or lower case characters it’s still not much different than the original one, and with a password dictionary app a hacker can crack the password in no time.

Let’s assume your using a complex password that is long, includes various characters, and is relatively difficult to remember. The reality is that the infrastructure storing that password could be the weakest link. This has been one of the most common targets for hackers. Once that system is compromised, and a users credentials is stolen there is a high probability the password used on their LinkedIn or iTunes profile is similar to the one used for email accounts, corporate IT systems, or bank accounts.

How to Protect Yourself from a Data Breach?

Well now that you’ve read this your probably wondering “what the heck can I really do?“. The reality is be Proactive.

Here’s a simple strategy I learned a few years ago. Every year call your bank and request a credit card replacement with a new number. Yes! If you made any online purchases it is very likely that your credit or debit card was part of a breach. Make it a common practice to replace these once a year. It’s that simple.

The same logic applies to your credentials. Our proactive monitoring detects compromised corporate brand, domain names, and email addresses. On average, we identify and report on more than 1 million compromised IP and 80,000 emails addresses per day.

We monitor cyber criminal forums, hidden websites, peer-to-peer networks, social media, deep and dark web sites. This is an example of findings for (1) company. There’s hasn’t been a client we’ve scanned that has NOT shown up in our reports.

Compromised Data Sample

• Organization Name: XXXYYYZZZ
• Industry: Medical/Hospitals
• Email Domain: XXXYYYZZZ.com
• Number of Employees: 8,200
• Compromised End User Accounts Discovered: 116
• Compromised PII Data: 84
• Sensitive Documents Discovered: 140