Last Wednesday, LinkedIn
reported that a number of users had their passwords compromised. Although
not confirmed by LinkedIn, it’s estimated that about six million of its 161
million + network fell victim to the security breach. If you’ve been following
Talascend and me for a while you’ll remember the piece about creating
passwords using a cipher.
Some choose to ignore the problem hoping it will go away. Even
worse, infrequent users might not realize that anything has happened and the resulting spam propagates to incredible levels. Some choose to get right out there and
post on Facebook and Twitter, ‘folks my password has been compromised. I am not
stranded in London. I am OK. Please do not respond to messages from me that ask
for money, unless of course, I call you and speak with an outrageous accent or send a grammatically incomprehensible email.’
What’s the proper etiquette or social protocol to inform friends, family and colleagues that a hacker has infiltrated your personal online space? Here are three ways to address your network.
- Humor - ‘Two passwords walk into a bar.’ Even if you’re not exactly on the comedy A-List, a good way to break the ice with your network is to use a little bit of humor. Like the example above, be a little ridiculous. Give examples of old fraud emails. Talk to them about free iPads or winning a $1000 gift card to BestBuy. Then get serious. Tell them not to open anything that has a link in it and, if you must send them a link, remove the hyperlink and tell them to cut and paste it.
- The straight forward approach - If you’re the no nonsense type, simply get to the point and be done with it. In the LinkedIn example, if your account was hacked give them the facts, let them know you’re on top of it and when likely the problem will be resolved. Tell them how to find more information on the attack and how to create a better password.
- Infrequent users: Check or close your account - Social media accounts that are inactive or abandoned tend to be the most vulnerable to attack and the most dangerous simply because users might not get notification if a breach has occurred. Chances are, say if you migrated from MySpace to Facebook years ago, then many of your friends have done the same and many of them still have the same email address. They could be getting messages from you for anything from ‘cheap prescription drugs’ to ‘cut rate insurance’ without you knowing it. One of the best things you can do is rid yourself and the web of those inactive accounts.
If you’re connected to the Internet or any network, you are
at risk. Sometimes, even the best passwords are compromised due to hacker
ingenuity. It’s still important to choose a password that is not easily
detected. It was also reported that about 1.5 million eHarmony passwords were
hacked and published the same day and a significant number of those had ‘eharmony’
or ‘harmony’ as part, if not all, of the password.
Is there shame in being hacked? Is it a cause for personal
and professional worry?
If you choose easily guessed passwords, you should probably feel a little angst if you get hacked. Your lack of concern could cost you and your network a host of problems. If you get bested by hackers even with a high strength password, then fear not; quick action and honesty can help you save face. Even having a perfect, random character password won’t protect you from a site you are a member of being compromised as in this case.
If you choose easily guessed passwords, you should probably feel a little angst if you get hacked. Your lack of concern could cost you and your network a host of problems. If you get bested by hackers even with a high strength password, then fear not; quick action and honesty can help you save face. Even having a perfect, random character password won’t protect you from a site you are a member of being compromised as in this case.
What do you think proper protocol should be?