European social network VK.com has been making headlines since becoming the victim of a major hack. The platform, based in St. Petersburg, is known as “Russian Facebook” since the two sites are similar in many ways. VK, previously known as Vkontakte, has 300 million registered users and about 100 million active ones.
How Big Was the Attack?
ThreatPost asserts that 100 million user credentials are on sale on an underground marketplace called TheRealDeal. That accounts for 33 percent of the site’s total userbase and its entire active userbase — it’s an enormous attack. It is unclear how long this data was collected or by what means, but the login credentials in question are likely those that were in use between the years 2011 and 2013.
According to VK.com, the data is too old to be of value since the credentials likely have been changed. It is unclear, however, how users who did not change their passwords or login credentials during that time period are affected.
High-Profile Breaches Are Becoming Common
Having access to 100 million VK.com users is one thing, but cybercriminals have been busy in 2016: Myspace, Tumblr and LinkedIn have all been the victims of major hacks, leading to a leak of information of as many as 500 million combined users.
What Does This Mean for the Rest of the Internet?
That VK.com was hacked shows the importance of cybersecurity even when dealing with large, trustworthy platforms. VK claims it has used, “secure encrypted storage,” “password hashes” and two-factor authentication since 2012.
Security factors such as two-factor authentication need to be activated by the user to be useful, however. One of the main things that internet users should take away from this high-profile hack is that extra authentication steps are worth the time and energy they require.
Additionally, using the same login and password credentials across multiple sites is a dangerous gambit. Despite this, more than half of internet users still copy their passwords between different sites and platforms. Not every site can guarantee their users’ security completely, and cyberattacks can compromise even the best-protected information, making it critical that users have systems in place for protecting their own security should the need arise.
For IT companies and other businesses in the tech sector, this emphasizes the importance of secure data handling and encryption. Even if the end user is not concerned about the security of their data at first, they will be after they’re victimized by an attack of this sort. Businesses in this sector will have to implement stricter security protocols to protect themselves and their users.
Alary Clinitech is the trusted choice when it comes to staying ahead of the latest information technology tips, tricks and news. Contact us at (416) 291-7377 or send us an email at info@clinitech.ca for more information.