Uber Hacked, Takes GitHub to Court to Find Hackers

by , on

Uber is now revealing that their database of over 50,000 drivers was hacked back in May, and they have subpoenaed GitHub to hand over IP addresses of the suspects.

The lawsuit reads, “On or around May 12, 2014, from an IP address not associated with an Uber employee and otherwise unknown to Uber, John Doe used the unique security key to download Uber database files containing confidential and proprietary information from Uber’s protected computers.”

Read more here.

Lenovo’s Website Appears to Have Been Hacked by Lizard Squad

by , on

Lenovo’s website was hacked yesterday.

Just a week after it was announced that Lenovo was installing “Superfish” adware on its factory-fresh laptops, the Lizard Squad has hacked the Lenovo.com website and turned it into a slideshow of webcam images set to pop music.  This is the same group that took down the Playstation Network and Xbox Live on Christmas Day, and also took down Google Vietnam earlier this week.

Read the rest of the story on Mashable.

Anthem Says Up To 18.8 Million Non-Customers Could Also Have Been Hacked

by , on

Anthem is now estimating that between 8.8 and 18.8 million non-customers could also be victims in the data breach where hackers stole records with sensitive information.  Independent Blue Cross Blue Shield customers are the ones who are potentially affected.  Since Anthem is part of their network, Anthem holds all of their customer records in the database that was hacked.

This brings the updated number of stolen database records in the Anthem hack to 78.8 million customers.

Read the rest of the story on Reuters here.

LinkedIn Settles Lawsuit for $1.25 million over Weak Passwords

by , on

Back in June of 2012, 6.5 million LinkedIn passwords were exposed on a Russian hacking site, and now LinkedIn is paying the price.  Customers made the case in court that LinkedIn had deceived them about the level of internet security that was being used to protect their passwords.  Up to 800,000 American users will be eligible to make a claim.

Read more here: http://bits.blogs.nytimes.com/2015/02/23/linkedin-settles-class-action-suit-over-weak-password-security/

Remember to use Keeper to keep all of your passwords and files safe – it’s free.  Try it here.

Lenovo Installing “Superfish” Adware on New Laptops

by , on

Lenovo is pre-installing adware, called SuperFish, to factory-fresh laptops that hijacks search results on all browsers and has the ability to steal private data including passwords.   The adware injects third-party ads into Google searches and into websites without the user’s permission.   If you own a Lenovo laptop, you can go here to see if you are infected.

Read more about Superfish here on Gizmodo.

3 Secrets for Staying Safe Online in 2015

by , on

2014 is known as the “year of data breaches.” Last year cyber attacks became front page news week after week. It’s unfortunate, but 3 in 4 Americans have fallen or will fall victim to hacking. So, what can we do to stop hackers? Quite simply, the biggest security vulnerability that exists is: the password.

More than a decade ago, Bill Gates predicted the death of the password. Reality: passwords are still the most common authentication method. And, in today’s world, we all must get smarter about password management and more importantly be proactive when it comes to cybersecurity.

Don’t fall victim to the old way of doing things, hackers are getting more sophisticated and the world is not keeping up. Following are some tips and advice to help you stay cyber-safe in 2015.

  • Utilize a Password Manager. We all have many different logins and passwords to keep track of. Often people don’t want to remember or simply can’t remember multiple, strong passwords – and, you should never use a password on more than one site. Additionally, passwords should never be in plain text, saved or sent in an email, word document, excel spreadsheets, sticky notes, etc. Passwords should always be at least six characters in length and consist of letters, numbers and symbols. The easiest and most secure way to remember passwords is by utilizing a password manager. Today, the average Keeper user has approximately 90 different passwords in their vaults.
  • Change passwords often. We know, we know. You’ve heard it before. But this simple practice is one of the best ways to protect your accounts from hacking, and yet few people actually take the time and effort to update their passwords on a regular basis. Keeper’s automatic, high-strength password generator makes it quick and easy to change your passwords regularly.
  • Enable two-factor authentication. Two-factor authentication adds an extra step to your log-in process to ensure the person accessing your records is in fact you. Gmail for example allows the user to implement two-factor authentication to access their account. How it works through Keeper – if you enable the two-factor authentication capability in your Keeper vault, Keeper will either send you a text or call you with a one time code that you will be prompted to enter prior to being able to login to any of your accounts. Or, Keeper allows users to choose a Google Authenticator QR Code. Ultimately, this is a great way to add an extra security layer to your online accounts.

Conclusion: Putting online security first will ensure a safe and secure 2015. Make the decision to truly protect your sensitive information and invest in long term security. Check out  Keeper.

Top Cyber Attacks of 2014 – What We Have Learned

by , on

It’s been quite a year in cybersecurity. 2014 saw many high-profile hacks, leaks and breaches. The most recent attack on Sony was among a handful of massive data breaches this year including those against eBay, Home Depot and JPMorgan Chase.

Ultimately, what we have learned is that cybersecurity is not an option. It is essential – for both individuals and businesses. Cybersecurity must be a top IT priority in every business. These cyber attacks have affected millions of consumers – their passwords and personal information were stolen – and, this has become front-page news in the process.

It’s important to be aware of the cybersecurity climate we all live in and to be educated. When it comes to what we have learned over this last year; data breaches are on an exponential rise. But, individuals and companies can make changes. Protect your employees, your brand, reputation and lastly, your bottom line. Paying for security is a small fraction of the value it creates and saves you – it’s well worth it.

At Keeper, we believe every piece of confidential information inside a company should be encrypted and stored in a military-grade vault. Everyone deserves to have a “Fort Knox.” And, right now, the company that isn’t prepared has to be reactive and that’s a very painful situation to be in.

Companies have a fiduciary duty to their employees to be proactive with cybersecurity in protecting their private information. It’s a good time for all companies to review their security measures, policies and internal controls. Change your passwords and make them strong – use letters, numbers and symbols. Don’t save plain-text files in an unencrypted and unsecure system. Check employee log files, engage in threat detection and use a password manager and digital vault like Keeper. Once a company’s employees start using Keeper – they love it.  It’s amazing how easy and secure it is – think of Keeper as hardcore hacker repellant on steroids.

As the year comes to an end, we reflect back on what we’ve seen and what we’ve learned. It’s painful to keep reading about these breaches in the news. We have learned a great deal from these hacks but most importantly, we find peace in knowing that we can help – in a huge way.

Holidays Are Here: Keeper is for Everyone on Your Nice List

by , on

Like many of us, you may be on a strict budget this holiday season. And, affordable gift ideas for your nearest and dearest are hard to come by. So, give the gift that continues to give throughout the year: Keeper.

Keeper makes for a great, unique, gift for anyone on your holiday shopping list. For $29.99, you can bestow on your loved ones the gift of the world’s most secure, ease-to-use, password manager and digital vault that uses military-grade encryption technology to securely store their website logins, passwords, financial information, documents, photos and videos. Keeper works seamlessly across all devices – all they need to do is create a master password, or use their fingerprint scan, to login and access their private vault.

Giving the gift of Keeper will provide protection of your loved ones most valuable and sensitive information. One year of Keeper Backup will provide a secure, simple way for your gift recipients to store and access all of their private information while keeping it private. This includes one user account, unlimited devices, unlimited password storage, backup and syncing.

Keeper is the most downloaded password security app for storing, accessing and safeguarding passwords and personal information. With more than 50,000 five-star reviews in the app stores, Keeper has one of the highest product rankings by consumers.

So, think about it…How much do you spend on a new iPhone case? $30 bucks? Why not spend $30 to keep your family and friends most private information, private, and away from hackers? And, they never have to remember a password again except for their master password!

You can purchase Keeper as a gift here: https://keepersecurity.com/en_US/buy.

Holiday Shopping and Cyber Security

by , on

Tis the season, Keepies! The holidays are here, and that means it’s time to make that list and check it twice. Whether you’ll be shopping online or braving the crowds, it’s also the time of year to be extra careful with your financial information.

This time last year, Target stores across the country were hit by malicious software that stole information from shoppers’ credit cards, estimated to have compromised upwards of 70,000 people. The breach was determined to have begun on Black Friday, when traffic at the store was highest.

Online shopping, too, sees an upswing this time of year, beginning with Cyber Monday and continuing through the holidays. A recent McAfee study showed that 56 percent of Americans plan to use their smartphones to shop online this holiday season. And, more shopping means more identity theft. Luckily, there are ways to protect yourself:

  1. Never shop on public or unsecured WiFi networks. Your information can be easily compromised at the cafe – wait till you get home!
  2. Check web addresses. Look for the “https” at the beginning of the url to indicate an encrypted connection, as well as the lock icon in the address bar. Be aware of sites that don’t use the https:// protocol and be wary of any pop-ups that occur when on all major sites.
  3. Do not ignore web browser security warnings. Research has shown that up to 70% of users ignore browser security warnings. If you receive a security warning from your web browser when shopping online, do not simply click through to continue your shopping – something could be seriously wrong! Browser security warnings could mean that you have been directed to a phishing site or a victim of a man-in-the-middle attack.
  4. Monitor your bank account regularly. Catch fraudulent activity early, and make sure merchants don’t overcharge you.
  5. Use a Password Manager! Like Keeper.Unique passwords to all of your online accounts is your best defense against identity theft. You can also store credit card information and other data in your heavily encrypted Keeper Vault. And, you can use Keeper to do all of your shopping through the app. If we don’t recognize a website, we will not launch it – this is one of the many benefits of using a password manager and helps protect against phishing – sites that look real but are not.

For consumers shopping in stores:

  1. All payment cards should have “Check ID” in the signature area (back side of card). In most cases, the cashier of a responsible retailer should then ask to see the consumer’s ID to verify both the individual’s identity and signature of the shopper.
  2. Be mindful of shoppers around you, especially at the payment counter. This is when pickpockets and other cybercriminals steal wallets, money and cards out of open purses. This is also the main point of theft for PIN numbers when an innocent consumer is paying and they don’t cover their PIN entry area with their other hand – this allows a hacker to see their PIN codes. This is a very common method for stealing user ID information.
  3. Wallets should never be carried in back pockets or open purses. This may sound obvious but it accounts for millions of stolen purchase cards per year.

Happy Thanksgiving and Tips NOT to Get Holiday Hacked

by , on

Happy (almost) Thanksgiving! We are thankful for all of our Keepies – you make us great and we hope you have a happy and safe Thanksgiving.

We want to make sure you stay safe this holiday season. With Black Friday and Cyber Monday days away, we have some tips to NOT get holiday hacked. Now, these may seem like common sense, but with one in five people having had an online account hacked and 61% of people still using the same password everywhere, we thought some tips could come in handy.

Hackers love the holidays (especially from Thanksgiving to News Years) and unfortunately, we are all at risk to getting hacked – every time you swipe your credit card or sign into a social media account, you are at risk of your private information falling into the wrong hands. From Target and Home Depot, to Apple’s iCloud, it seems there’s a new security breach announced every month. Did you know the State Department, the White House, the US Postal Service and the National Weather Service have all been hacked within the last month?

So, make sure you stay safe this holiday season by following these Five Tips to Not Get Black Friday/Cyber Monday/Holiday Hacked:

1.   Stop using passwords that are too short or easy to remember.

When creating a password, it’s important to use a combination of upper- and lower-case letters, numbers and symbols which can be accomplished with a password manager. Make it difficult on those hackers by creating complicated, lengthy passwords that you change every six months.

2.   Don’t use passwords with personal information.

While it may be easy to remember your birthday or your significant other’s middle name, hackers are becoming increasingly sophisticated and number/letter combinations related to your profile are likely the first that a hacker will try.

3.   Break away from the habit of using the same password on every site.

If you continue to use the same password for every service, you increase the likelihood that one hacked site could expose your credentials further. Use as many different passwords as you can for all of your different accounts.

4.   Don’t write your passwords on sticky notes, sheets of paper, in notebooks or in an unprotected spreadsheet file.

Many traditional cloud services are vulnerable to sophisticated hackers who can actually gain access to your underlying file or records.

5.   Use two-factor authentication.

This security step provides the user with a second code that is sent to the user’s mobile device which they enter with their master password. It provides a strong, additional security layer that most often, stops a hacker in it’s tracks, especially when they are trying to break into your online account. Since they don’t have your mobile device to receive the second code, it prevents them from breaking into your account.

6.   *BONUS TIP: Stop trying to remember passwords and start using a password management tool.

Leading password management tools like Keeper, allow users to create randomly generated secure passwords for all of your different services that are stored in your own personal vault. It creates all your passwords for your sites and remembers them for you. You only have to remember a master password to access your vault and you’ll easily adhere to tips 1-5 above. Even better – if your device supports it, you can log into Keeper with your fingerprint for fast and secure access.

What to do if you do get hacked:

  • Immediately change your passwords across all affected sites.  This is very easy and fast with a password management application.
  • Utilize a password management application like Keeper. Keeper has never been hacked. It utilizes multiple layers of military-grade encryption, two-factor authentication and biometric authentication. Keeper uses an emergency notification system that can instantly alert its users if a major website is hacked – this allows the user to log into Keeper and immediately change their passwords on the affected site(s).