Hackers may get second chance to benefit from second life security breach
IT security firm Sophos has warned computer users that using the same password on multiple websites greatly increases the risk of falling victim to hackers, following news that players of a global online game have been asked to change their passwords due to a security breach.
Players of Second Life were asked to change passwords after a hacker broke into a database holding information about the game’s 650,000 users. This information included addresses, passwords and encrypted credit card details. According to Sophos, while changing passwords will prevent criminals from gaining access to users’ Second Life accounts, they could still be at risk if they use the same password for other websites.
“Gamers may think that once they modify their Second Life password, they’ve eliminated the danger, however the reality is that the old password may now be used by hackers to target other accounts,” said Graham Cluley, senior technology consultant at Sophos. “It’s bad enough that criminals were able to gain access to such personal details in the first place, but even if this avenue has now been closed off, hackers could well find themselves with an opportunity to access the email, eBay or even banking accounts of unsuspecting Second Life users.”
A recent Sophos web poll uncovered that 41% of business PC users admitted to using the same password all the time, while just 14% use a different password for every website they access.
“Not every website will treat your password with the same degree of confidentially, so it’s vital that users ensure they use different passwords for sites which carry sensitive data about them,” continued Cluley. “On top of that, if the passwords deployed are all short dictionary words, it won’t be hard for a hacking program to figure them out, so it’s equally important to make each password hard to guess.”