The digitalization of data allows it to move effortlessly and be accessed from devices and places around the world within a matter of seconds. This also makes it possible for businesses, organizations, and even individuals to collect and analyze this data for a variety of reasons. However, not all of these purposes are well-intentioned. More often than not, cybercriminals use the abundance of digital data to their advantage. According to Ars Technica and security researcher Troy Hunt, password data and other personal information belonging to as many as 2.2 million users of two websites – a cryptocurrency wallet service and a gaming bot provider — has been posted on the Dark Web.
What information is included in these databases? The first data haul includes personal information for as many as 1.4 million accounts from the GateHub cryptocurrency wallet service. The cybercriminal who posted this 3.72GB database stated that it also includes two-factor authentication keys, mnemonic phrases, and wallet hashes. The second haul contains data for about 800,000 accounts on RuneScape’s bot provider EpicBot, including usernames and IP addresses. Both databases include registered email addresses and hashed passwords.
So, what lessons can we learn from this data dump and what can we do to help secure our information? Check out the following security tips to help protect your digital data.
- Be vigilant when monitoring your personal and financial data. A good way to determine whether your data has been exposed or compromised is to closely monitor your online accounts. If you see anything fishy, take extra precautions by updating your privacy settings, changing your password, or using two-factor authentication.
- Use strong, unique passwords. Make sure to use complex passwords for each of your accounts, and never reuse your credentials across different platforms. It’s also a good idea to update your passwords consistently to further protect your data.
- Watch out for other cyberattacks. Be on high alert for other malicious attacks where cybercriminals could use stolen credentials to exploit users, such as spear phishing.
- Check to see if you’ve been affected. If you or someone you know has a GateHub or EpicBot account, use this tool to check if you could have been potentially affected.