Data breaches have become a major thorn in the side of big business that retain large amounts of consumer data, including login passwords and personal information. Such information that is compromised through recent data breaches has been used by hackers to either sell-off on the Dark Web for ridiculous prices or to infiltrate online accounts belonging to computer users, which may eventually lead to identity theft or theft of money through online banking access.
Due to a recent wave of data breach attacks that has leaked over 750 user records onto the web, Facebook and Netflix have taken it upon themselves to be proactive to prevent potentially leaked data. The process that Facebook and Netflix have started is one to notify users that it deems is in danger of having their accounts taken over and prompt them to reset their password. While such a step may seem remedial, it is essential considering that current login credentials may have been compromised in recent data breaches that included sites like MySpace, LinkedIn, Tumblr and many others.
The theory behind having users reset their passwords is that computer users commonly utilize the same password for multiple accounts, which is not a recommended practice. Companies like Facebook and Netflix figure that by forcing password updates now, they can thwart any attempt of hackers armed with breached data logging into their users' accounts.
Just a couple weeks ago, right after a massive LinkedIn data breach, Microsoft took steps to go after public data dumps to analyze the content and compare it to usernames and passwords in their database. From there, any of the matching content would prompt Microsoft to alert the specific users of possible dangers as their personal information has essentially been dumped over the Internet.
The methodology of Microsoft's new approach to analyzing public data, information potentially spilled by hackers who breached millions of computer user records, has caught on to many other companies, such as Facebook and Netflix. Such actions are taken to prevent account takeovers in the expected cases of users utilizing the same passwords for multiple accounts.
Currently, select Facebook and Netflix users are getting prompts to reset their passwords as a result of the company having reason to believe that their account login credentials may have been compromised from data breaches of other companies.
Interestingly enough, Mark Zuckerburg's account on Twitter and Pinterest was hacked after a team of Saudi hackers spotted his password through the recent LinkedIn data breach. Not only is such a case proof of concept in analyzing and comparing breached data to that of a company's consumer login database, but conducive of discovering a viable method to proactively prevent the future compromise of many accounts.
If you are ever prompted to change your password directly from a large company over the Internet, it's best to go through with creating a secure password. Netflix has conveniently laid out the reasons of prompting a password update in its notification pop-up message that some users are experiencing. The note reads as follows:
"We believe your Netflix account credentials may have been included in a recent release of email addresses and passwords from an older breach at another company. Just to be safe, we've reset your password as a precautionary measure."