Should You Worry About the Latest Security Breach
By Leo Notenboom
Question: I just heard about a security breach that has exposed something like a couple of million accounts across several servers.
I have accounts on those services. How concerned should I be? Have I been hacked? What do I need to do next?
That’s a composite of several questions that I’ve received relating to a recent theft of something like two million user accounts and passwords.
I’ll address this specific incident, but I also want to discuss some things to consider with any large scale account theft.
Has my account been compromised?
With the current situation, accounts used to access several different services are involved. Reports are that some (although not all) of those services are informing account holders that their accounts were compromised. Some have even reset account passwords, forcing users to change their passwords on next login, or go through account recovery steps to prove that they are the rightful account holders.
Services that do this are doing exactly the right thing, in my opinion. It’s a hassle for the account holders involved, but it’s significantly less of a hassle than having your account stolen away from you.
If you use one of those services, you’ll already know because they would have reached out to you.
Unfortunately, not all services are taking this approach. To be fair, not all services may even be able to determine exactly who has and has not been affected.
This excerpt appears with permission from Leo Notenboom.