News

Remote Work Is Here To Stay, But So Are The Cyber Risks

More employees are going to work remotely. Learn why that presents even more cybersecurity challenges. Read More

IT Communication Breakdowns Lead To Higher Data Security Risks

IT can assist employees working from home to stop a cyberattack, but employees must first make the call. We examine the cybersecurity issue of remote employees not communicating with IT. Read More

Orion Malware Hack Increases The Need To Fortify A Vendor's Back Door

Microsoft found the Orion update malware on some of its network systems, emphasizing the serious nature of the hack. Learn how third-party suppliers increase cybersecurity risk. Read More

Spotify Breach: It's Time To Go To A Password Manager

Founded 14 years ago, the music streaming service Spotify now has 320 million users.

During the summer of 2020, hackers accessed at least 300,000 Spotify accounts, stealing login credentials, email addresses, and other user data. On July 3, 2020, vpnMentor discovered the records of 300,000 to 350,000 unique Spotify users in a database.

According to vpnMentor, the hackers were using the accounts to defraud Spotify and the users themselves. The organization stated that over the next three weeks, it helped Spotify identify the hackers that own the database, isolate the issue, and protect customers from further attacks. vpnMonitor said it implemented a "rolling reset" for compromised user passwords. Urian Buenconsejo "300,000 Spotify Users Hacked: Email Addresses, Logins, and Other Data Exposed" techtimes.com (Nov. 26, 2020).

Commentary

Spotify recommended that users change their password to a stronger password, including on services and apps associated with their Spotify account. Users should also “sign out everywhere,” which is important to make sure unknown or unwanted devices are not signed into their account.

These are good steps to follow anytime you receive notification from an organization that your account may have been hacked. You should use unique, strong passwords on every account. However, if you do use the same password on other accounts as on the account that was accessed, you must immediately change those passwords as well to unique, strong passwords.

If you struggle remembering unique passwords for every account, use a password manager. It is better to take advantage of technological tools to help you remember passwords than to use the same password on every account because you think you can’t remember them all. Most password managers provide passwords that are more difficult to crack and keep all your passwords in one place.

Finally, your opinion is important to us. Please complete the opinion survey:

Sign In

Are you a new user?

Register here

Retrieve password