It may be time to change your password if you use a third-party service to power your email. According to Reuters, hundreds of millions of hacked user names and passwords for email accounts and other websites are being traded in Russia’s criminal underworld.
Accounts impacted include those from email services such as Mail.ru, Google, Yahoo, and Microsoft, according to the article, which said Alex Holden, founder and chief information security officer of Hold Security, discovered the breach.
If email accounts are compromised, fraudsters can then gain access to passwords for other accounts using the “forgot my password” feature – the passwords are sent to the user’s email address, which the hacker has access to.
Also troubling – many people use the same password across multiple accounts, as Reuters pointed out: “Hackers know users cling to favourite passwords, resisting admonitions to change credentials regularly and make them more complex. It’s why attackers reuse old passwords found on one account to try to break into other accounts of the same user.”
For online sellers, a compromised email account could prove devastating, so stay on your guard.