Cybersecurity Blog

How we get notified of an account breach – 11/23/18

 

Not every hacker makes their money by breaking into  accounts and stealing funds or ransoming your data. Some hackers are content to simply  break into servers and steal usernames. passwords and other personal information that they then sell on the dark web.  It is quite a niche business.

To combat this evil, an enterprising fellow name Troy Hunt created a tool that scans the dark web looking for stolen data that is for sale.  You  can access this information for free at have i been powned. Simply visit the website and enter your email address. It will tell you if any of your accounts using that email have been breached.

This gives you the opportunity to change your password and username or delete the account.   This is an easy process if you don’t reuse passwords. It is a huge headache if you do.  What’s even cooler,  you can subscribe to an alert service so they will automatically notify you when there is a new  account breach.  This is so awesome, Mount Royal even subscribes.

We get notified when anyone with an @mtroyal.ca email is involved in a breach.  We also get told which account was breached.  We are aware that password reuse still happens. By being notified of breaches we can make sure our users change their passwords so hackers cannot use their accounts to gain access to the network.

So if you are using your @mtroyal.ca account to sign up for the adult furry website High Tail Hall, we will know about it. To make matters worse, we have to contact you to let you know about the breach.  It gets awkward for everyone.

This is a friendly reminder, only use your @mtroyal.ca email account for business. IT Services thanks you.

 

4 thoughts on “How we get notified of an account breach – 11/23/18

  1. You are very welcome. If your account appears here, it means that it was found in a list of user data for sale on the web. In most cases changing your account password is sufficient. However if your credit card information, SIN or passport number were included in the stolen data you should also monitor your bank statements and watch out for signs of identity fraud.

  2. Thanks for this notice. I went to the powned link and discovered that my Mount Royal e-mail was on it.

    I changed my password. Is there anything else I should do? What does it mean if my account appears here?

Leave a Reply

Your email address will not be published. Required fields are marked *