These Logins Were Offered on the Dark Web

21 million logins for Top 500 firms were found on the Dark Web – a part of the internet that cannot be located via conventional search engines like Google and is often used as a marketplace for criminal activity.

If one of your online accounts have been hacked recently, then it’s possible that your account login and password may have been obtained by hackers via the dark web.

Keep reading to learn how this happened, and how to prevent it from happening to you.

The dark web is a part of the internet that’s often used for criminal activity.

Amidst Several Cyber Security Hacks, Having a Strong and Secure Password is More Important Than You Think

Nowadays, it seems like every other week there’s another security breach or hack in the world of cybersecurity. Recently, over 21 million login credentials have been stolen from Fortune 500 companies and have made their way onto the dark web, where many of them have already been cracked and are ready to be exploited by hackers. A majority of the login credentials are in plain text – which means it’s extremely easy to read and ready to use.

According to reports published by ImmuniWeb, roughly 16 million credentials were stolen within the past 12 months, while 95% of all the stolen credentials contain unencrypted, plaintext passwords – meaning that the majority of passwords are ready to be used by anyone who can get their hands on them. 

While most of the credentials stolen belonged to technology and financial companies, all in all, the hackers were able to gain login credentials from health care, industrial, energy, telecommunications, retail, transport, and aerospace industries.

Out of 21 Million Passwords, Only a Portion of Them Were Unique

Although the report found upwards of 21 million logins, only 4.9 million of those passwords were unique, which suggests that many individuals were using the same passwords for their logins. After doing a quick run through of the list, it seems as though many people are in dire need of a new password and quick read of our Guide to Secure Passwords You Can Actually Remember.

For many industries, “password” and its variations were among the top passwords used. With that being said, it’s no wonder that some of these industries are experiencing a security breach – many of these passwords can be cracked within a few minutes, often on the first try!

What Can You Do?

A popular method used amongst hackers is the brute force attack, an activity that uses algorithms to unlock passwords through repetitive attempts. Essentially, a brute force attack will go through every combination until it eventually cracks the code. This means, the more simple your password, the easier it is for hackers to gain access to it. 

Stay Away From Obvious Passwords

The most obvious passwords are the easiest ones to break. Though easy to remember, choosing “password” or “123456” as your password isn’t going to do you any favours in the long run. 

Curious to know what were the worst passwords of 2019? Check out our blog post about the Worst Passwords of 2019 here.

Mix It Up: Include Numbers, Symbols, Capital Letters in Your Passwords

Adding some diversity to your password is a surefire way to keep it safe. Incorporating a bit of variation adds a layer of complexity to your password, making methods like brute force attacking a lot less successful. 

At the end of the day, security should be one of your top priorities when dealing with the online world. You could be saving yourself a lot of trouble by putting in the extra work to stay one step ahead.

Try DarkWeb Monitoring with Dashlane

Not only does Dashlane help you create and remember strong passwords for your online accounts, it also has a cool feature called Dark Web Monitoring.

To use Dashlane’s Dark Web Monitoring, simply enter an email address that you’d like to be monitored and Dashlane will alert you when it finds that email address, as well as any leaked personal information (such as passwords, social security numbers, etc.) linked to that email address on the Dark Web.

Dashlane’s Dark Web Monitoring feature scans dark web data for leaked personal information.

As a FixMeStick blog reader, click here to receive a discount on a Dashlane subscription and try this Dark Web monitoring feature today!