Google’s BlackList Exposed Confidential User Information
Finjan Inc., web security expert, reconfirms recent reports that:
[…] Google have unwittingly exposed private user names and passwords on the Google anti-phishing blacklist, which did not use any access protection. Such sensitive information could potentially have been used to compromise user privacy, and could even have been used for identity theft or financial profit (as users generally have a single “web” password for most of their online accounts).
Can we repeat it enough? Do not reuse your passwords.
Suppose it was one of your “standard” passwords exposed in that list – how many other accounts could that same password have been used to gain access to?
How to avoid Identity Theft
- make strong passwords – (here’s how)
- don’t reuse them – (even the UN says it’s a bad idea)
- If lots of strong passwords are hard to remember get a password manager