Earlier this month, I told you about CyberVor, a Russian hacker group that stole over 1 billion usernames and passwords from across the Web. Now, some of that stolen information has resurfaced in a cyberattack on domain name registrar Namecheap.
"Overnight, our intrusion detection systems alerted us to a much higher than normal load against our login systems," explained Matthew Russell, Namecheap's vice president of hosting. "Upon investigation, we determined that the username and password data gathered from third party sites, likely the data [linked with 'CyberVor'], is being used to try and gain access to Namecheap.com accounts."
Luckily for users, Namecheap already had steps in place to respond to an attack like this. It had a system in place to detect the attack, and most of the login attempts were not successful. It's also blocked all the ISPs that tried to use the stolen info and is working to secure affected users.
This could still be really disastrous because the successful logins gave the cybercriminals access to websites from across the Web. They could use that access to hijack whatever information and services were stored there. They could also reprogram the sites to redirect to other sites filled with malware.
If you haven't changed all of your passwords since the original CyberVor theft, you need to do it now! The group's stolen data will be useless if it's outdated. This latest attack proves how dangerous compromised passwords can be.
When you change your password, it needs to be secure. Click here to learn how to create strong and unique passwords for each account. Once you've changed all of your passwords, use a reliable storage program to help you keep track of them all.