How Fast Can a Leaked Password be Exploited by Hackers?

It’s an all too familiar story. Company X gets breached, and you receive an email telling you that your password may have been stolen and that you need to change it. How long does it take from the moment the data is leaked until cyber criminals try to use your password? According to cyber security researchers at Agari, not very long.

ZDNet recently published a story about a test carried out by Agari to see how long it would take for cyber criminals to try to use leaked credentials. Agari planted thousands of credentials, made to look like real accounts, on the websites and forums popular for dumping stolen usernames and passwords. Crane Hassold, senior director of threat research at Agari, told ZDNet, “About half of the accounts were accessed within 12 hours of us actually seeding the sites. 20% are accessed within an hour and 40% are accessed within six hours. That really shows you how quickly a compromised account is exploited.”

So, the answer to the question is: very fast! If you are notified that your password has been compromised, act quickly to change it. When it comes to business accounts that have been compromised, the risks include theft of sensitive information, access to privileged accounts and Business Email Compromise.

To help defend against these exploits, organizations should take precautions to protect their users, cloud applications and the wider network from phishing and other attacks. A key defence to put in place is antivirus software or a spam filter. Another step is to start using multifactor authentication if you aren’t doing so already. With multifactor authentication, even if a password has been compromised, it will be harder for the hacker to get in, and the user will be alerted that someone other than them is trying to log in.