Can you imagine finding your email or social media login information on some type of website where people sell or monitor news? For some people, that may have happened. Recently, Proton disclosed that more than 300 million usernames and passwords were listed for sale on a dark web marketplace where hackers are able to buy and sell stolen usernames and passwords.
When I read this, the first thing I thought about were all the websites I used those same password combinations for. You may have done that too, so keep reading because this article may matter to you.
To break it down further, what does this mean?
Have you ever used the same password for more than one site? If one of those sites was hacked, you could be at risk on it as well. This is why this is a problem.
Research from Proton also found that small and medium businesses (SMB) were affected the most. Approximately 70% of incidents affected businesses that had fewer than 250 employees. It’s probably a good idea to protect large corporations, but this is a reminder that can so can smaller businesses.
• Use a different password for each account.
• Enable 2FA – Two-Factor Authentication (2FA) adds an additional level of security.
• Visit sites like “Have I Been Pwned” or Proton recently launched their tool to check if your email has been leaked.
• Change old passwords you have been using for a while.
• Don’t trust suspicious-looking emails, they are phishing attempts.
Taking these small steps can go a long way in protecting your data.
If you could walk away with one takeaway, here it is: Your passwords are an asset. Treat them like your wallet or your keys—keep them secure, and never put them anywhere.
Now go change that old password, turn on two-factor authentication (2FA), and be diligent. Because once that information is out into the ecosystem, it will likely never get back.
When I read this, the first thing I thought about were all the websites I used those same password combinations for. You may have done that too, so keep reading because this article may matter to you.
What Happened?
According to Proton's new data report, hackers have obtained over 300 million logins and usernames and are now for sale on the dark web.To break it down further, what does this mean?
- 300 million logins were exposed on the internet.
- Approximately half of these logins included passwords or just email addresses.
- This data was taken from hundreds of data breaches across the web.
Why This Matters
What we mean by “credentials” is your login credentials, specifically your email, username, and password. Once any of this is obtained by a hacker, they will try any of your accounts.Have you ever used the same password for more than one site? If one of those sites was hacked, you could be at risk on it as well. This is why this is a problem.
Research from Proton also found that small and medium businesses (SMB) were affected the most. Approximately 70% of incidents affected businesses that had fewer than 250 employees. It’s probably a good idea to protect large corporations, but this is a reminder that can so can smaller businesses.
What You Can Do Today
Let’s not panic here, just be smart:• Use a different password for each account.
• Enable 2FA – Two-Factor Authentication (2FA) adds an additional level of security.
• Visit sites like “Have I Been Pwned” or Proton recently launched their tool to check if your email has been leaked.
• Change old passwords you have been using for a while.
• Don’t trust suspicious-looking emails, they are phishing attempts.
Taking these small steps can go a long way in protecting your data.
My Thoughts
Honestly, this article is one of those stories that sticks with you. When you look at the number of compromised logins at 300 million, it shows you how concerning cyberattack threats are in today's world.If you could walk away with one takeaway, here it is: Your passwords are an asset. Treat them like your wallet or your keys—keep them secure, and never put them anywhere.
Now go change that old password, turn on two-factor authentication (2FA), and be diligent. Because once that information is out into the ecosystem, it will likely never get back.