Twitter Hack Big Advertisement for Two-Factor Authentication

by

February 28, 2016

In June of 2016 a massive hacking incident occurred that involved over 32 million accounts. According to LeakedSource, the Dark Web came into possession of the information linked to those accounts and put it up for sale.

If you haven’t switched to two-factor authentication (2FA, a.k.a. TFA, or multi-factor authentication, or MFA) for your login verification, you should know that 2FA gives you the security assurance that no one else will be able to log in to a certain account except you. 2FA or MFA sends you a verification signal to your smartphone or other device which you then enter or click on, making sure that some cybercriminal opportunist isn’t sending phishing tweets on your behalf or using your stolen personally-identifiable info to set up an account or spam friends or associates in your circles.

A September 2016 LeakedSource report relates that Twitter reacted to the Dark Web sale of nearly 33 million Twitter accounts’ related personal data by locking-down the accounts of millions of people. Twitter doesn’t believe, however, that its servers were directly attacked, leading users and online security experts to believe that the cybercriminals “may have created a composite of data from other breached sources,” according to IT Specialist. Malware was likely used to extract passwords from devices, IT Specialist also contends. Facebook CEO Mark Zuckerberg was reportedly one of the Twitter hack victims, and as a result, got ridiculed by The Telegraph for reusing the password “dadada” for multiple sites.

LeakedSource says the stolen Twitter data contains 32,888,300 records, including email addresses, usernames, and passwords, and has added the information to its search engine, which is a paid platform, but lets people find out if their information was leaked for free.

Experts at LeakedSource believe that user credentials were collected via browsers like Firefox or Chrome infected by malware rather than stolen directly from Twitter, based on information in the data (which includes the fact that many of the passwords are displayed in plaintext). Many of the affected users were alleged to be in Russia (6 of the top 10 email domains represented in the database are Russian, including mail.ru and yandex.ru).

 

Steps to Remedy the Twitter Hack

The end result of the Twitter cyber breach has been tens of millions of people being inconvenienced by having to reset their passwords (though it ends up being for the better). Those who haven’t done so should get the Twitter account set up featuring two-factor authentication. Here are some further tips to prevent password/login-oriented cyber-theft:

  • Enable 2FA on every account that offers it
  • Make all your passwords for all accounts unique, strong, and longer than 8 characters
  • Don’t use anything familiar to you, such as proper names, or even dictionary words
  • Encrypt all your passwords, either using a strong password generator, or DIY it
  • Get creative with encryption, using names in reverse, mixed with numbers and symbols
  • Never use ordinary words found in the dictionary for passwords

 

Additional Data and Login Security Assistance

By taking these prescribed steps to securing your account through better login verification (2FA), you will keep your data safe from cyber-crooks. You can also speak to an IT expert about login and password safety and security at Integris, which is a proven leader in providing IT consulting and cybersecurity in Baltimore, Washington, DC And Across Maryland. Contact a representative at (888) 330-8808 or send us an email at [email protected] today, and we can help you with all your password/login security questions or needs.

We're Integris. We're always working to empower people through technology.

Keep reading

The Password is Dead: Introducing MFA

The Password is Dead: Introducing MFA

As luck would have it, “password12345” just isn’t cutting it for account security anymore. The password is dead: more and more headlines are using this phrase to describe severe security issues with the average password. It’s true that bigger and bolder hacks have...

Nine Rules For Strong Password Creation

Nine Rules For Strong Password Creation

Do your employees know how to create a strong password? Is authentication management a priority at your company? If you're answering no to either question, you could be placing your organization at serious risk. Why? Because guessing employee logins is one of the key...

Zero-Trust Architecture: What is it and why should you care?

Zero-Trust Architecture: What is it and why should you care?

If you're like most people, the thought of your sensitive business data being stolen by some creep (that probably spends their entire day in pajama pants covered in Cheeto crumbs) is both infuriating and panic-inducing. You've got two choices: 1. You can either go to...