Just last week, videogame maker Ubisoft reset millions of account holder passwords after attackers gained access to its online network. An unpredictable fluke? Not really. In the 2013 Verizon Data Breach Investigations Report, the study found one glaring commonality among the hundreds of data breaches it examined. Financially motivated cybercriminals, hacktivists and nation-state driven attackers out to steak corporate data all sought and used stolen account credentials to gain access to systems containing sensitive information. There was no need to exploit a vulnerability or carry out a multi-pronged, sophisticated cyberattack. In nearly every breach, attackers used stolen account credentials to pose as valid users on the network to avoid triggering the security systems in place. The following massive password breaches highlight the need for stronger passwords, the use of password management tools and two-factor authentication.
1. Sony breach
2. Linked In password breach
Get the rest of the top 10 list in the CRN article located here: