If you've used many of today's popular social networking sites, there's a good chance you've recently been asked to change your password. The reason? Several of these sites have suffered data breaches, where large amounts of user information including email addresses, user names, and passwords have been exposed and/or sold. Just this week, Twitter joined the crowd, with a purported 32 million accounts being compromised.
While the hacker associated with the Twitter incident claims the popular website was breached, in actuality its users were. The likely explanation is that tens of millions of people were infected by malware that harvested Twitter credentials in the victims' browsers.
Even after cyber criminals have gotten access to your personal information, you can still keep them from using it. One of the best options is to implement Two Factor Authentication (2FA) whenever available. Similar to the process Mayo employees use to remotely log in to the Mayo Clinic network, 2FA requires additional information in addition to the user name and password to log in to the site, portal, account, etc. So basically, the hacker would need a third piece of knowledge to be able to get into your accounts, aside from your email address/user name and password.
Check https://twofactorauth.org/ to find out if your personal accounts offer this type of protection from credential theft. Many times, you will need an app for your phone which generates a code (third piece of information), such as Google offers for its Gmail users.
As we continue to hear more about Information Security and the tenacity of the cyber criminal, it's important to protect our own information to the best of our ability- 2FA, complex passwords, and phishing awareness will help keep you and your families safe online.
Editor's Note: Nicki Alley is an Information Security Analyst at Mayo Clinic. A version of this article appeared originally on the Office of Information Security site on the Mayo Clinic Intranet.