With 2021 almost finally behind us, and password management (opens in new tab) service providers Dashlane has taken the opportunity to look back at some of the worst password offenders of the year.
The company named SolarWinds and its cybersecurity-oblivious intern as the loser of the year after his/her unbreakable password - solarwinds123, leaked online.
The second-biggest password offender was COMB - or Combination of Many Breaches. This isn’t exactly a company being reckless, but rather - almost everyone in the world - being reckless. A database of more than three billion unique emails and passwords, from services such as Netflix and LinkedIn, all breached in the past, were posted on a hacking forum. With the world currently counting around 7.7 billion people, it's safe to say that many must have had their identities stolen (opens in new tab) in the breach.
Fostering a culture of security
The third-biggest offender was Verkada, whose username and password was found by cybercrooks online, using it to access the company's customer cameras and spy on people everywhere, from those working in Tesla factories, to those working out in Equinox gyms. Dashlane said cameras from hospitals and jails were also compromised, making this breach that much more sensitive.
These three may have been the worst, but they’re far from the only major incidents to occur in the past 12 months. Facebook, GoDaddy, WordPress, RockYou2021, ActMobile Networks or DailyQuiz.me, all made the list.
With the average cost of a data breach now being $4.24 million, and 80% of breaches being caused by weak, reused and stolen employee passwords, Dashlane says it’s now more important than ever, to keep businesses safe from phishing and other forms of online fraud.
To stay safe, businesses should create a “culture of security”, where employees understand their roles in protecting their company’s data and IT resources. They should train employees how to identify and report shady activity, adopt industry-standard cybersecurity tech such as endpoint security, password managers, email security, or MFA and security keys (opens in new tab), and measure their programs’ effectiveness.
Reminding everyone how devastating these leaks have been, Dashlane also warned everyone that unless we get our password act together, things are only going to get worse.
“If companies don’t start implementing positive password practice across their organization, the breaches are only going to get bigger and more dreadful,” said JD Sherman, CEO of Dashlane. “If your company were a car, you wouldn’t step away without rolling up the windows and locking the doors. Yet, computer users seem to be leaving cars running and keys in the ignition. Much of the nuisance associated with good password hygiene is taken care of by a password manager,” Dashlane’s CEO added.
You might also want to check out our list of the best identity management service providers (opens in new tab) out there