September 16th, 2014 by Steve Cassidy
Database breaches, in which giant corporates such as Adobe, Ebay, or Sony lose track of copies of their user and billing databases, are becoming almost weekly news items in late 2014.
Sometimes this is given a hacker spin, other times it’s just a dull case of not knowing where all those USB keys or backup tapes have gone.
Consumers are meant to respond to the news, which manages to be simultaneously both worrying and vague, by meekly changing their passwords, even if they don’t think they’re included in the database that’s been stolen. Ebay’s alleged database theft triggered a mandatory password change, for everyone, right across the system.
I have some problems with this approach, because to be honest I have a whole lot of different web identities. Once you’ve signed up to enough services for review, this becomes inevitable: I have a slew of login names and emails, and figuring out which one goes with which service becomes a daily trial.
Full Article
