We all know that we should do better when it comes to managing our passwords but most of us simply brush it off with some saying “I am just an individual with nothing to hide and nothing of value to the hacker. Let them at it, I don’t care.”
I can say with certainty that over 90% of people that have been compromised in the past had the very same attitude to online security.
By taking this approach of “it means nothing to the hacker” is naive and greatly underestimates what hackers are looking for.
The modern hacker is motivated by financial gain and are looking for the shortest path possible to hit paydirt so a popular attack is to take control of a “worthless” asset and hold it to ransom. Sure the contents to them directly are worthless but to you the victim it could be worth a lot to have it returned to you.
This has been demonstrated with the recent report from The West Australian on an Instagram Influencer, Meilissa Graham losing control of her account (link to new account included) that she relies on to generate an income through a credential stuffing attack.
Credential stuffing is when an attacker takes a breach from one service that has leaked a username and password and then try the same username and password on another service. This is where using the same passwords comes undone very quickly. The end result is that Melissa has lost her original account along with the established community attached to that account meaning that she has had to start from scratch.
There is a high potential that she will lose support from brands that have paid for posts in the past adding to the losses through the event.
This is a real-world lesson in using good security practices when it comes to securing the things that matter to you.
The moral of this story is that we should not assume what something is worth to someone else rather we should consider what it is worth to us if we lose access to that service and think really hard about what that service means to us.
Further reading : 3 simple steps to stop hackers dead in their tracks.