The last 12 months have seen some of the biggest hacks of all time. Billions of website and app user details have been exposed and made available online.
Included in the leaked details have been names, email addresses, passwords, security questions, telephone numbers and much more. Here, in case you missed any, WIRED rounds-up some of the biggest hacks that have been revealed in over the past 12 months.
Yahoo
The biggest hack of 2016 – twice. This year, Yahoo disclosed two data breaches of its service, the first contained 500 million user accounts and happened in 2014; the second involved more than one billion accounts and happened in 2013.
Yahoo only discovered both attacks in 2016, before it made them public. Both included names, email addresses, telephone numbers, dates of birth, hashed passwords and encrypted or unencrypted security questions and answers.
Adult Friend Finder
Details of customers from Adultfriendfinder.com, Cams.com, Penthouse.com, Stipshow.com and iCams.com were exposed in a breach this year. Overall more than 400 million customer details were stolen, including passwords that were sold on the dark web.
"Passwords were stored by Friend Finder Network either in plain visible format or SHA1 hashed (peppered)," LeakedSource, who verified the information said. 123456 was the most common password and 15 million expired (or deleted) accounts were included in the data.
Data exposed from the professional social network was another of the historical breaches that came to light in 2016. Security researchers discovered more than 117 million account details being sold on data sharing websites that were originally taken in 2012.
Initially, the data was being sold for five bitcoin, amounting to around $2,200 (£1,500) at the time.
Tumblr
Millions of email addresses and passwords stolen from Tumblr in 2013 suddenly appeared for sale on the dark web. In total, 65,469,298 passwords were being sold for £102.
Included were email addresses and passwords. However, the passwords were hashed, a process that turns them into a string of digits rather than storing them as plain text.
Dailymotion
85.2 million unique email addresses and usernames were taken from Dailymotion. One-in-five of these (around 18.3 million) had associated passwords with them, although they were hashed.
Rambler.ru
Russian email and internet provider Rambler.ru was also hit by a historical attack that happened in 2012 and exposed this year. Usernames, email addresses, social account data and passwords of 98.1 million of its customers were taken in the hit, ZDNet reported.
It's never going to be possible to control how much effort, energy, and money companies put into their security practices. Flaws and bad practices will exist in even the most conscientious of firms. However, there are steps that can be taken to minimise risk.
1. Don't use the same password: the codes you use to login to websites should be unique. No one password should be the same. Each password should be different and also long and complex.
2. Use a password manager: multiple complicated passwords are difficult to remember – nobody is expecting them to be stored in your head. Instead, the best option is to use a password manager to keep track of all the passwords for you. 1Password and LastPass are good starting points.
3. Regularly change your passwords: keep them updated and check to see whether any accounts are compromised when new data breaches emerge.
4. Use two-factor authentication: combining a strong password with ID verification makes the password stronger. Authentication methods allow a service to know it is you who is trying to login. Most websites and services work by sending the user a short code to a mobile device that is owned by them to prove identity. Two Factor Auth is a comprehensive guide to which websites and services offer them.
Read more
Want to know if you've been hacked? Troy Hunt has all the details
The top Android security apps to keep your phone and tablet safe
The top iOS 10 apps for keeping your data safe and secure
This article was originally published by WIRED UK
