Stolen Credentials Accur Again on Best Buy Accounts
After a few months that the famous American specialty retailer of consumer electronics “Best Buy” received customers’ reports about compromised accounts, the company admitted that its online retail site was attacked by hackers using stolen credentials.
It’s an expective situation when identifiable information from one social network is the same for another websites that gives hackers a possibility to use the stolen credentials forsomesites where hackers can extract some value, such as retail or banking websites. According to a Washington Post research 30% of respondents use the same usernames and passwords at different sites with no regard of what kind of site it is: shopping, social networking or banking.
The Best Buy’assumption is that hackers are testing that theory. The credentials could be stolen maybe more than a year before from site that is not connected with Best Buy and it is a strong possibility that nowhackers log into Best Buy accounts that have user’s credit card information on file and spend hundreds of dollars on gift cards.
Exactly after such situations the public is alarmed at the hacking trend to post stolen user names and passwords on the Internet. It often gives hack different phases beyond the initial theft.
The example of swivet is Formspring’s reseted upwards of 27 million passwords after they saw numerous hashed passwords that were posted on security forum.
The real damage of stolen password could appear on road in months or even years if people continue using the same credentials again and again.