This will be a short blog entry. Essentially, a general observation.
If your enterprise was breached and screenshots of user account passwords were posted on the Internet or dark web... would you, at a minimum, ask the affected users to change their passwords?
I'm asking for a friend... or a friend who has invested in a traded company that recently had a breach.
Well, the breach was almost a month ago, but today, if you take the usernames and passwords that were publicly posted by the attackers (RansomeXXX) several weeks ago... these accounts still work.
The passwords have not been changed on a dozen of the accounts sampled by a hacker called NothingCh@nges3113.
I wonder if the PornHub account passwords have been changed...
All joking aside, senior management and staff in general are obviously busy getting back to work after a significant security breach. But appearances being important, they really should tell the staff to change their passwords, use quality passwords in the future (as many of the ones exposed are rather poor in quality), and activate MFA for the services that have this option (which most do).
Eric Parent is a senior security expert specializing in coaching senior executives. He occasionally teaches cybersecurity at l'Ecole Polytechnique and HEC Universities in Montreal, and is CEO of Logicnet/EVA-Technologies, one of Canada's oldest privately owned security companies.