Protect Your Assets

April Showers bring May….Breaches?

Ed_A 06-09-2014 07:17 AM - edited 07-22-2015 01:46 PM

Photo Credit: Jeff Keyzer (

Breach data from


Selling your data is big business…and business is booming. In the past two months alone, there have been over 200 million records potentially compromised.


In April, AOL was hacked--putting grandparents everywhere at risk. Bad joke, I know. Out of a potential 120 million records compromised, there were probably quite a few active users in there.


In May, it was eBay and AVAST accounting for 145,400,000 personal records.


Throw in a few breaches from across the pond, Eircom (Ireland) and Orange (France), and that’s another 1,650,000 records.


What’s next? Who knows, but I would bet the farm on another large breach every other month until the end of the year.


These breaches were all a result of some sort of hack. Turns out organizations that are breached aren’t exactly forthcoming with the details. It’s probably safe to assume there was a SQL injection here, a zero-day in CMS software there, and some social engineering/stolen accounts sprinkled in. Maybe it was a remote file include or a nation-state targeting a competitor…who knows; the point is millions of personal records were exposed.


It would be nice to say breaches are 100% preventable, but that really isn’t the case. The financial value of compromised personal records makes them a juicy target for attackers - those with financial backing, manpower and time. There are just not enough qualified security professionals out there to defend against the massive collective of for-profit hackers!


According to CNN’s research, 47% of American adults have had their personal information breached in the last 12 months. That being said, we shouldn’t resign ourselves to defeat. So…


As a Consumer, What Can You Do To Prevent/Protect?

  • Use strong passwords/passphrases.
    • Try using a passphrase instead of a password. Passphrases are harder to predict and crack by far, example:

  • Do not use the same password on multiple sites. If one site is breached and your password is stolen, it may be used against you on other sites.
  • If you absolutely can’t remember multiple sites’ passwords, use a password manager to make that easier.
  • Clear your cookies and saved passwords often for sites that handle purchases.
  • Use credit cards as opposed to debit cards; more insurance options are available.
  • Demand service providers take security seriously. Choose services that have a visibly stated security policy on the website. Vote with your dollars.
  • Do not click on links in emails that ask you for any sort of update or password. If they make it into your inbox (meaning they passed your spam filter) and you are unsure if they are phishing attempts, go to the legitimate site via their web address or Google (as opposed to clicking the link in the email).  Then check the relevant information there. If still unsure, call their helpline on the number stated on the legitimate website.


What Can You Do Post-Hack?

  • If a breach occurs that you are involved in, change passwords and be vigilant in monitoring any accounts that may be affected.
  • If a service you subscribe to has been hacked, take advantage of any free credit monitoring your service offers afterwards.
  • If you notice signs of fraud or identity theft, immediately start the FTC’s recommended steps.


As always, feel free to reach out to us here at Fortify on Demand at with any questions via Twitter (@hpappsecurity) or via email  (fodsales(at)  We'd love to hear your questions or comments about our data breaches, identity theft management, and how it affects you.



About HP Fortify on Demand

HP Fortify on Demand is a cloud-based application security testing solution. We perform multiple types of manual and automated security testing, including: web assessments, mobile application assessments, thick client testing, ERP testing, and more. We do this both statically and dynamically, both in the cloud and on premise. 

