How to Protect Your Customers from a Darknet Data Dump

Following the government crackdown of the infamous black-market website Silk Road in 2013, the general public became suddenly aware of the existence of the darknet. Sensational news stories ran away with headlines about ‘hitmen for hire’ and digital drug cartels, but there was something much more pressing and relevant that was largely ignored – cyber theft.cyberattack

The darknet is a danger to businesses everywhere. With a few keystrokes hackers can buy and sell malicious code, phishing programs, how-to hacking guides, consumer information and much more. Even novices can take advantage of hackers for hire to crash or disrupt business operations if they so choose.

In the past year alone, there have been major data dumps affecting users from Yahoo and Dropbox. While it’s frightening to think that a cybercriminal might have access to your Yahoo email and password, the danger extends much further than you might think.

Credential stuffing is a popular and effective hacking technique that exploits stolen credentials (email and password combos) through automated trial and error or ‘stuffing’ programs to unlock users accounts across the web. Or to put things more simply, hackers use leaked account information from the darkweb to unlock your social media pages, business accounts, financial services, ecommerce stores and any service that accepts passwords.

This is especially dangerous seeing that more than half of all web users recycle their passwords and email addresses for multiple online accounts.

 

How to Protect Your Customers

How would your organization handle a cyberattack or data breach? Do your employees or administrative teams have access to a set of procedures to follow after an attack occurs? And what would you do if you found out that your database of customer information was released to the darknet? How would you protect them from credential stuffing?

These are tough questions, but it’s better to answer them now rather than wait for disaster to strike. The first thing you should do is report the incident to your cybersecurity provider, insurance provider and law enforcement. Nothing could be more deleterious to your company’s reputation than a cover-up.

Next, advise your IT department to examine your network for other points of data breach. Hackers are clever and know that they can distract their victims with one attack to conceal another.

Finally, alert your customers about the data breach. Assure them that you are working with the proper authorities and advise them to immediate change their passwords, security questions, etc. While email is a great way to notify your customers about the breach, do not include a link in your message directing them to a sign-in page. Cyber crooks regularly use similar techniques to lift login credentials and it’s best not to encourage this type of behavior.

Keep an eye on your user accounts for anything suspicious – including an increase in spam to your employees or customers or fishy purchases made with customer credit cards. If you caught the problem early enough, you might avoid catastrophe.

If, however, you discover that account information is for sale on the darknet, it is time to prepare your customers for credential stuffing attacks. Urge your customers to change their passwords on any and all accounts with similar sign-in credentials; and advise them to watch out for and report any suspicious activity.

While recovering from a cyberattack is something no company wants to experience, following the above steps will help you get back on track much faster. Remember to stay alert and stay safe… after all, it’s not just your security, but the privacy of your customers and clients too.

Reply