On 29 July, the Krebs on Security carried a post saying that every time there is another data breach, we are asked to change our password at the breached entity. But the reality is that in most cases by the time the victim organisation discloses an incident publicly the information has already been harvested many times over by profit-seeking cybercriminals. The post provides a closer look at what typically transpires in the weeks or months before an organisation notifies its users about a breached database. It also provides some tips to help avoid falling prey to incessant data breaches and increasingly sophisticated phishing schemes.
Any modest contributions for my time and ongoing expenses are welcomed! I have a page where you can do so, and where contributions start as low as $3, at https://www.buymeacoffee.com/KoIvM842y