What to do when your company's passwords are exposed in a data breach

FACT: Last year, there were over 3,400 data breaches publicly exposed.

No matter how secure our own organizations are, we have little control over how third parties store our data.

One leaked employee password can give malicious users access to your network.

When employees reuse the same password in multiple places, this problem is significantly amplified.

Millions of passwords are sold and leaked on the darknet every day.

In this post, we’ll cover how to check if your passwords are exposed, as well as the steps you need to take to mitigate the impact of breached credentials.

What kind of data gets leaked in a data breach

In a data breach, several types of sensitive information are often exposed, including:

1. Personal Identification Information (PII): This includes full names, email addresses, physical addresses, phone numbers, dates of birth, and social security numbers.
2. Financial Information: Credit card details, bank account information, and other financial data can be compromised, leading to financial fraud and identity theft.
3. Login Credentials: Usernames, passwords, and session tokens are commonly leaked, allowing attackers to gain unauthorized access to accounts and services.
4. Health Information: Breaches involving healthcare organizations can expose medical records, health insurance details, and other personal health information (PHI).
5. Employment Information: Employee records, including salary details, performance evaluations, and other employment-related information, can be leaked in breaches involving corporate entities.
6. Educational Records: Student records, including grades, enrollment details, and other educational information, can be compromised in breaches involving educational institutions.
7. Legal and Government Documents: Sensitive legal documents, government identification numbers, and other official records can be exposed in breaches involving legal or government entities.
8. Intellectual Property and Trade Secrets: Confidential business information, proprietary data, and trade secrets can be leaked in breaches involving companies and organizations.

How can one check if their password has been compromised in a breach

It’s important to stay informed about the security of your passwords and take action when necessary. There are several ways to do this, including:

Check Breach Notification Websites:

• Firefox Monitor: Firefox Monitor allows you to check if your email has been part of a third-party breach.
• Have I Been Pwned: Go to Have I Been Pwned and enter your email address or phone number. The site will tell you if your information has been part of any third-party data breaches and which ones.

Use a Password Manager:

Many password managers have a feature that checks your stored passwords against databases of known third-party breaches. If any of your passwords have been compromised, the password manager will alert you and suggest changing them.

Monitor Your Accounts for Suspicious Activity:

Keep an eye on your online accounts for any unusual activity, such as login attempts from unfamiliar locations, unauthorized password changes, or unexpected transactions. These could be signs that your password has been compromised.

Check Security Announcements from Companies:

If you hear about a data breach involving a service you use, check the company’s official communications. They often provide information on what data was compromised and what steps affected users should take.

Note: Most free breach notification sites and password managers only monitor third-party breaches and do not include stealer logs, which pose a significantly bigger threat to an organization.

Stealer logs are logs from malware-infected devices. The malware captures the credentials and session tokens in plaintext before they get encrypted. In other words, infostealer malware renders even the most complex password a weak password because attackers have access to it in plaintext.

My Work Credentials Were Exposed In a Data Breach – Now What?

If your corporate credentials were exposed in a data breach, it’s important to take immediate action. Here are four steps to keep your accounts safe:

1. Change Your Passwords: Start by changing the password for the breached account. Make sure to use a strong, unique password that is not used for any other accounts. What’s better than a strong password? A passphrase is a sequence of words or a sentence that is harder for attackers to guess or crack.
2. Change Passwords on Other Accounts: If you’ve used the same or similar password on other accounts, change those passwords as well. It’s a good practice to use a unique password for each of your accounts to prevent a single breach from compromising multiple accounts.
3. Enable Two-Factor Authentication (2FA): If not already enabled, activate multi-factor authentication anywhere it’s available. This adds an extra layer of protection by requiring a second form of verification, such as a one-time password or code from an authenticator app, in addition to your password.
4. Use a Password Manager: Use a password manager to generate and store strong, unique passwords for each of your accounts. This can help prevent future breaches related to password reuse. This can also help prevent phishing attacks by auto-filling credentials on websites.

Check Your Darknet Exposure

Last year alone, Breachsense indexed over 1.38 billion leaked passwords, over half of those were from malware-infected devices. Over 100,000 master passwords from online password managers were indexed as well. All it takes is one compromised corporate account to cause significant financial and reputational damage to a business. Having visibility into your organization’s leaked data is the first step in preventing a data breach.

Breachsense’s Check Your Exposure tool can show you what cybercriminals already know about your organization, including:

• Employee’s malware-infected devices
• Third-party breached data
• Combo lists
• Session tokens
• Company data being leaked or sold on the dark web

With over 560 billion recaptured assets, Breachsense gives you visibility into your breached data before criminals can exploit it. Check your darknet exposure today.