A couple of incidents remind us of why you should never reuse passwords.
Users have been receiving notice from MysteryScience about a breach. They are asking users to change their password.
*Reminder, do NOT click on the link in the email to change your password. Rather, go to the web site (in this case MysterScience) and use the Change password feature within the web site. This is a simple protection against phishing.
Massive Password Breach
This one doesn’t have a “cool” name, but is significant. A write up from the Infosecurity Group explains why this is so dangerous.
Billions of email addresses and plain text passwords have been leaked online by an unnamed party, putting countless internet users at risk from credential stuffing and other attacks.
In total, the database contained 2.7 billion email addresses, and plain text passwords for more than one billion of them — providing a perfect starting point for a credential stuffing campaign.
“Since many employees share passwords between their work and personal accounts, this leak not only problematic for the individuals who own the accounts, but a big risk for enterprises globally as well,”…