This week (09/11) reports started appearing about 5 million gmail account details being published. Presumably a subset of the 1.2 billion user details currently in the hands of our Russian friends harvested over the last few years via phishing and malware scams and now correlated, sorted and productised. Your identity, for sale, by Boris Goddamski.
Although some of the data appears to be old, some is current and we recommend that you change your Google password and please TURN ON TWO FACTOR AUTHENTICATION. It’s really easy – configure it under ‘2-step Verification’ here: https://www.google.com/settings/security
Two factor authentication is more readily available than you might think, Facebook, Twitter, Dropbox all have it as well as most cloud and dev services like Github. Make the effort, turn it on. Today.
Whilst wasting endless hours on the Internet, sorry that should say whilst conducting serious research on the Internet we came across this site run by a Microsoft Uber type (they call them MVPs) by the name of Troy Hunt:
You enter your username (not your password too, that would be silly) and it checks against a list of around 175 million leaked credentials to see if yours is amongst them. Why not give it a go, preferably when the pubs are open in case the news is not good?
ITC are working on a daily basis to try and identify and stop theft and abuse of user credentials. We have a number of clever tricks up our sleeves including the ability to have a look on the dark side, TOR (the Mordor of The Internet) to see what people are saying about your people or your organisation.
If you would like to talk about securing your stuff or finding out if you are on a list (never good), contact us at: [email protected] or call 020 7517 3900
Apologies for banging on about two factor authentication but it really is the best way to keep yourself safe in the cloudski, just do it.