Cybersecurity is an issue that concerns (and affects) more and more companies around the world, and on which our most private data often depends. Despite the large (and ever-increasing) investment being made by companies to safeguard their users’ information, cybercriminals are finding ways to achieve their goals.
In the last two months, two hacks have taken place on websites of great relevance in the technological world: LastPass and PayPal. Malicious accesses that put the accounts of thousands of people around the world at risk, with the implicit possibility that the attackers (or those to whom they sold the stolen data) could access both their passwords on other websites and their digital wallets.
Internet cybercriminals are going for it
Between December 6 and December 8 last year, cybercriminals accessed 34,942 PayPal user accounts. The company said that no transactions were made on any of these accounts from the time the malicious accesses began until PayPal “removed the unauthorized third-party access” on December 8, although it is unknown whether their personal data may have been collected in the process.
A case of cyberattack that could not be classified as “hacking”, since the criminals accessed the affected accounts through a tactic known as “credential stuffing“, which consists of using stolen credentials from websites to try to access others. All the more reason to remind everyone never to use one password on more than one site.
However, this security measure reveals another problem: we must be able to remember multiple passwords (which, in addition, must be combinations of numbers, letters and symbols). Faced with this situation, many people turn to password managers such as LastPass, where they can keep them safe, and then continue with their lives. And everything is going well… until LastPass is hacked.
The company suffered a cyberattack on November 30 that affected a number of users that LastPass’ parent company, Goto, has not disclosed at this time. At the moment, it is only known that this cyberattack affected several of its products, including its Central business communications tool. The company has also not given any recommendations to those affected by the incident.
A series of hacks are becoming more and more frequent and affect companies of all kinds. Riot Games, the company behind the League of Legends and Valorant video games, announced last Friday that it was hacked by cybercriminals. A highly serious incident, as the attackers were able to access the source code of the League of Legends and Teamfight Tactics games, as well as that of its internal anti-cheat system.
