Data Exposed In Stratfor Compromise Analyzed 141
wiredmikey writes with an excerpt from an article in Security Week: "Following news that security and intelligence firm Stratfor is downplaying the recent hack of its systems, Identity Finder today shared a detailed analysis of the data released so far by the attackers. Based on the analysis, 50,277 Individual Credit Card Numbers were exposed, but 40,626 are expired, leaving just 9,651 that are not expired. In terms of emails, 86,594 Email addresses were claimed to be exposed by the hackers, but only 47,680 were unique. The hackers have released personal information for Stratfor subscribers whose first names begin with A through M, with N through Z expected to be released soon. In addition to the presently published data compromised during the attack, the attackers claim that 200GB of company email containing 2.7 million emails was captured as well."
As of posting, Stratfor's website is still down.
Expired cards (Score:5, Interesting)
Re:If even strong passwords can get leaked... (Score:4, Interesting)
Use unique passwords for everything important and use a secure but salted password for various sites. Let's say my generic secure password is $sJ55Pm#
I salt the secure password between the fives with the initials of the website alternating caps. So my /. password could be $sJ5Sd5Pm# and my World of Warcraft password could be $sJ5WoW5Pm#.
I only have to remember one good password and a formula. Someone clever enough could hand analyze the passwords and might spot the salting but realistically, very few people are worth that effort.
which makes me think there's no point in super complex "try and guess THIS one!" passwords.
One practices good password habits because they help when a site does things properly. Nothing is going to save you if a site is terribly set up but that doesn't mean you should abandon best practices.