Even before personal computers and mobile phones became everyday technology, hackers were breaking through the available networks to steal information (among other things). For example, a hacker known only—and, it seems, ironically—as Peace_of_Mind trying to sell the passwords and emails belonging to 360 million Myspace users.
The price for these accounts? Six bitcoin; approximately $2,800.
Really? Myspace? Well, apparently even though the social network is not used quite as often any more the information might be useful enough to pay for. Of course, it is not quite clear if the social network, alone, was breached but Peace believes that the leaked data was, in fact, the result of a previously unreported breach. Paid hacked data search engine LeakedSource—who has access to all of these stolen passwords—has also confirmed that this data could be from a June 11, 2013 breach.
Tumblr also made the breach public, announcing the potential breach of 65 million accounts (though they have not necessarily confirmed a number). In addition, adult dating website Fling has reported 40 million account breaches.
Of course, with knowledge of this, anyone who has a social media account might want to consider chasing their password. Strong passwords, of course, incorporate both letters and numbers and, on occasion capital letters and/or other symbols. Web security experts advise not to use number and letter sequences that might be easy to figure out: like your birthday, address, pet name, and other things that can be easily discerned from your social media account. Furthermore, experts advise that you should change your password—even just two of three digits of your existing password—at least every six months.
Also, it is often advised that you should not use the same password(s) on multiple sites—and don’t just make them slightly different, but use very different sequences.
On the other side of this, though, Tumblr (at least) is becoming increasingly aware of that hacking is just a part of life online. As such, they are increasing security to make their databases even harder to crack, even if information is stolen.
In addition, experts are saying that if you do get an email suggesting that your password has been stolen, you will want to make sure that the email, itself, is legitimate. Also, if you receive an email like this you should not click any link provided therein.
Obviously, breaches are probably not going to stop anytime soon. This means that security remains the responsibility of both providers and users to ensure the damage remains minimal.