The Credential Copy Crisis

Credential Copy Crisis

Hello readers, Detective Cy here! Did you know that using the same password for all of your accounts drastically increases your risk of being hacked? By using only one password, a hacker would only need to discover one piece of information to gain access to everything. Imagine having one key to unlock your car, house, safe, and garage. While it might seem convenient, you would lose access to everything if it was ever stolen. Unfortunately, an employee at a local municipality recently learned this fact first-hand.

While creating her company profile, a new municipal clerk didn’t think it would be a problem to use the same login information she had been using for Facebook. However, due to a privacy breach that occurred on the social media site, a hacker was able to gain access to the clerk’s Facebook profile and identify multiple associated profiles – including her work account. By simply trying the same password on each site, the hacker was able to immediately gain control of the clerk’s private municipal emails documents.

By the time the clerk realized her account was compromised, it was too late. Many of the municipality’s important files were deleted, stolen, or encrypted. They contacted their IT support team, who were eventually able to identify the problem. The clerk was forced to change their password, and was held responsible for the damages that occurred.

This situation could have been avoided if the clerk had used a different password for each of her accounts. Another method of avoiding password theft is to prevent websites from saving your login information. The municipality also could have maintained a backup of their files to mitigate losses during a breach.

Lessons Learned:

  • Always use different passwords or passphrases for each account you create.
  • Never allow a website or application to save your login information.
  • Always have backup files you can access in case of a breach.

Share this post

Share on facebook
Share on twitter
Share on linkedin
Share on print
Share on email

MOre POSTs

The Vexatious Vendor
Education
Detective Cy

The Vexatious Vendor

Greetings everyone, Detective Cy’s back again! Did you know that many attempts to steal your private information are hiding in

email impersonator
Municipality
Detective Cy

The Email Impersonator

Hello all, Detective Cy here with a story about phishing! Is it possible that an email from your employee could