By Sabrina Almeida
The recent revelation about the “massive Yahoo hack” in 2013 affecting one billion users only reiterates our digital vulnerability. Being a Yahoo user myself, I was asked to reset my password a couple of months back. I didn’t lose any sleep over it having had several similar experiences over the years and with a variety of digital platforms. I’m sure we all have. How many times haven’t you or friends received spam or scam-like messages from one of your contacts? I brushed it off as another one of those…
Having said that, security breaches appear to have become more frequent, which should make us extremely cautious about our digital behaviour.
In February, Loblaw reset all PC Plus passwords after some members had their points stolen. As I changed mine, I wondered why anyone would go to such lengths to steal grocery points!
Then two weeks ago, we had 90,000 points stolen from our Petro Canada points card. My husband logged into our online account to apply for a replacement card as he had problems swiping the current one. The account showed the points had been utilized a couple of hours before. Not surprising considering the PC points incident and perhaps an answer to my question about what was being stolen.
Ironically, call centre personnel appeared to be totally surprised by the complaint. Initially they insisted that it was impossible for points to be stolen and that perhaps we had lost the card. (Which was not the case.) Either they don’t read the news or are simply following an official directive until the company decides to go public about it like Yahoo did.
Personally, the most serious breach occurred around two years ago, when a substantial amount of money was transferred out of our TD Bank account. Many friends have had similar experiences and with much larger amounts.
This ranks as number one for me because the breach into the office server from where sensitive employee information (including social security numbers) was stolen did not impact me. However, four of my colleagues were not as lucky. They spent days and months trying to sort out credit reports including having to file police complaints.
The warning about WhatsApp’s vulnerability saved us perhaps from yet another password change to say the least.
While we are constantly being reminded about online vulnerability and safety, many do not take the warning seriously. On the contrary we seem to get more reckless everyday.
From Twitter to Facebook and WhatsApp, it’s quite frightening to see the personal details being shared, considering how easily this information could fall into the wrong hands. Equally perverse is the fact that many would think hundred times before revealing these details in a personal conversation. The misconceptions we have about anonymity on social media or in digital communication are insane.
From family quarrels to bullying classmates and bad-mouthing colleagues– it’s all out there and accessible to the general public. As is personal information being supplied in emails.
Until our TD Bank account was compromised, my husband would wax eloquent about the billions of dollars invested in firewalls and other security measures. While he might be right, one incident was enough to make me skeptic.
The number of passwords that we must remember also makes us more vulnerable to these breaches. According to an Intel survey of more than 2,000 English-speaking adults, reported by BuzzFeed in May 2016, the average person has 27 discrete online logins. While we are well aware of the risk of having a single password for multiple accounts or using birth dates or playing around with the keyboard, that fact that it is so much easier pushes us to take these risky shortcuts.
This January password manager Keeper revealed that in 2016, nearly 17 percent of people are safeguarding their accounts with “123456”. I too know a few people who have used it. The research team had scoured 10 million passwords from data breaches that happened in 2016. Keeper however believes that while users must exercise caution, website operators must also take more responsibility for password security.
As society pushes for more impersonal and convenient online activities, perhaps the solution lies in taking things offline and going back to basics. Or carrying around a huge logbook (having it on your smartphone or laptop would defeat the purpose) of carefully constructed impenetrable passwords for each account that you can refer to. Now which one is simpler? – CINEWS