Blog

Small data breaches are a threat you need to know about

May 24, 2018

In recent years, massive data breaches have become regular news items – and for a good reason. During these attacks, millions of credentials are leaked and made available to malicious actors. With them, hackers have free reign to attack other sites in the hope of gaining access to user accounts.

But there is another, considerable threat bubbling below the surface.

Many people fail to recognize the damage incurred by small, unreported data breaches that take place all the time. Once a set of credentials appears on the Dark Web, it makes no difference where it came from. This rouge data can cause serious harm.

According to Verizon’s 2018 Data Breach Investigations Report, 58% of cybercrime victims in 2017 were small businesses.

In another recent study, analysts found that 90% of credential exposures comprised under 5,000 accounts. Which means they were connected to small and medium-sized businesses (SMB).

What’s the risk to your business?

A third-party data breach is a third-party data breach – wherever it originates from.

Read more here.

The problem is, most people use the same passwords and usernames over multiple accounts. So, if hackers compromise a user account in one breach, and that user enters the same credentials into your site, your business is at risk.

It doesn’t matter how small that the initial breach was. It only takes one match to put the security of your website, and your users, in jeopardy.

Why are SMBs so vulnerable?

For a start, it takes a lot longer for smaller websites to recognize a breach. When a large-scale breach takes place, administrators tend to be notified far more quickly.

Firstly, larger companies tend to have better detection tools. Secondly, a major breach is more likely to be picked up by the cybersecurity community and relayed to the media.

SMBs may NEVER know they’ve had a breach. And this is dangerous for everyone.

Individuals are less likely to be informed that someone has compromised their credentials. If they don’t know this, they won’t change them. If they are re-using those credentials elsewhere, their other accounts could be at risk too. One of those accounts could be on your website.

With less cybersecurity infrastructure in place, some SMBs may store passwords unsafely. So, if there is a breach, hackers can get the credentials they want quickly and easily.

Automated credential stuffing attacks using thousands, if not millions of breached credentials are on the rise.

You can protect yourself and your users from the threat of breached credentials with EyeOnPASS. But, to stop your site becoming the next source of breached account information, try the following steps.

At the very least, all businesses operating online should:

  • Make it compulsory for users to enter complex, single-use passwords.
  • Train staff well so they are aware of how to deal with sensitive user information like usernames and passwords.
  • Put a solid cybersecurity strategy in place, including antimalware and antivirus software, and stick to it.
  • Back up all user data in a remote location.

    –> Want to learn more about Data Breaches? Read our post about 5 Simple Steps to Protects your Website from a Data Breach

    Related Posts

    April 27, 2018

    Cybercriminals steal user credentials in several ways. With this lucrative user data, hackers steal funds, confidential information, and even identities.…

    April 20, 2018

    The hackers that breached the Democratic National Committee and Hillary Clinton’s presidential campaign used targeted phishing. And the next victim…

    February 9, 2018

    If different types of cyber-attacks were a group of friends, credential stuffing would be the odd one out. This isn’t…

    February 7, 2018

    Perhaps you have heard of the huge password breaches that online giants like Yahoo have suffered in the past years.…

    February 6, 2018

    Even if your website is secure, your user’s credentials could still be available to buy online. It’s time to learn…

    February 2, 2018

    Whether your business is big or small, it can get targeted by hackers. It’s easy to feel uncertain about how…