1. We (all of us) need to demand better security
Is It Really That Bad?
This hack could have serious repercussions. Sites like AdultFriendFinder and its affiliates collect important information that could be used by identity thieves. Your name, email and physical addresses, and phone number are all crucial to identity theft. If you notice any suspicious financial activity after a breach like this, contact the relevant institutions immediately.
The fact that these particular sites are adult-oriented means that this information could potentially be used for blackmail as well. If your hookups, one-night stands, and sexual preferences were to be made public, what would you do or pay to prevent it? It’s a sobering thought. Whether or not you want to bring up the fact that your name might be on one of these lists with someone close to you is a tough decision, too.
There’s always the risk of simple mayhem, as well. Plenty of hackers are out just to cause problems for other people. This could mean deleting your other accounts, taking over your social media feeds, sending spam or malware to the people in your email contact list, and many other things that aren’t inherently as bad as identity theft or blackmail, but are still really annoying.
How to Prevent This Next Time
Obviously we all hope there’s no next time. But based on what we’ve seen over the past couple years, it seems like there’s a good chance. So here’s what needs to happen.
Whether you had an account at one of these sites or not, this concerns you. The companies storing our data need to know that security matters. A lot. We need to start expecting companies to not only protect our data, but to explain to us in clear terms how they’re going to do that.
Sign petitions, fill out feedback forms, choose where you bring your business. These are the sorts of things that will show organizations that security is important.
2. Understand that nothing online is private.
Sure, encrypted messaging will keep people from eavesdropping. Encrypted email makes it nearly impossible for the NSA to read. But when you entrust your data to someone else, there’s a possibility that someday it will be made public.
Keep this in mind when you sign up for services like AdultFriendFinder or Penthouse. If you still want to sign up, at least open up a new email address and use an anonymous, temporary credit card (like Vanilla Visa) for that purpose. Managing multiple email accounts can be a pain, but think of the alternative.
3. Choose strong passwords.
If your data is leaked, there are a few ways to minimize the damage. The first and best way is to choose unique passwords for all of your accounts. Anyone who gets hold of one of your passwords isn’t going to be able to do anything with it, because it won’t work on any other sites.
We’ve shown you all sorts of ways to come up with strong passwords. And using a tool like LastPass’s password generator (pictured above) will give you nearly-uncrackable passwords. The top 10 passwords from AdultFriendFinder were as follows:
- 123456
- 12345
- 123456789
- 12345678
- 1234567890
- 1234567
- password
- qwerty
- qwertyuiop
- 987654321
These ten passwords were in use by almost three million accounts, with « 123456 » making up over 900,000 of those. It’s embarrassing.
Come On, People
Our entire lives are online, and in many cases, they’re protected by little more than a single password. The companies we entrust our data to aren’t doing a good job of protecting it. We’re putting too much faith in them, and we’re not putting in the effort to create backstops. This just shouldn’t be happening anymore.