This Password Has Appeared in a Data Leak: How to Respond
.jpeg){kind=small}
“This password has appeared in a data leak, putting this account at high risk of compromise. You should change your password immediately” – if you own an iPhone or iPad running on iOS 14 or above, you may have received this worrying message lately. Apple rolled out this feature across both devices and Macs as a cybersecurity feature.
If you have received this notification, you might be wondering what it means and what to do next. Read on to learn more.
What is Apple’s Data Security Recommendations Feature?
Apple’s “Security Recommendations” is a password monitoring feature that aims to provide iOS users with additional warning of any data leaks. Security Recommendations ensures users can update their passwords before a data breach occurs, reducing the risk of identity theft or fraud.
Many cybersecurity regulations require organizations to update customers on where and how their information is being stored. They also must provide alerts and advice when there is a data leak or data breach.
If user credentials are compromised in a data breach, organizations face hefty fines and serious legal and reputational implications – especially in the healthcare sector and financial industry.
Learn how to respond to the MOVEit Transfer zero-day >
What is a Data Leak?
A data leak is a security incident where sensitive data is accidentally exposed. Data exposure can occur either electronically or physically.
- Electronic data leaks often occur when sensitive data is found on the Internet, e.g., through cloud leaks.
- Physical data leaks often occur through lost devices, such as hard drives, laptops, or cell phones.
Unlike a data breach, cybercriminals don’t have to carry out cyber attacks to access sensitive data. Data leaks are usually the result of sub-par data security practices or human error.
Cybercriminals actively look for data leaks as an easy attack vector into an organization’s systems. Any exposed data will likely result in a data breach without prompt remediation. Once cybercriminals find sensitive data, they can use it for several purposes:
- As part of a larger cyber attack on an organization’s systems, such as data exfiltration,
- To carry out social engineering scams,
- To carry out a ransomware attack, or
- To commit identity theft or fraud by selling personally identifiable information (PII) on the dark web.
Learn the difference between data leaks and data breaches >
Why Did I Receive An Apple Data Leak Alert?
Apple’s Security Recommendations feature automatically monitors iCloud Keychain users’ saved passwords for data leaks. Similar to haveibeenpwned.com, it checks your credentials against recognized databases of leaked passwords. The feature alerts you if your password has been exposed in a data leak through one of your saved accounts.
You’ll receive a notification when you next attempt to log in to any affected accounts, prompting you to change your password or ignore the alert (not recommended).
You’ll be given the option to “Change password on website” or to dismiss the alert with “Not now”. It is strongly recommended that you change your password immediately to prevent further compromise.
You can also use the in-built Security Recommendations feature to check the overall health of your saved passwords at any time.
Learn how to respond to the Fortigate SSL VPN vulnerability >
How To Use Apple Security Recommendations
Security Recommendations is located in the Settings App. To access it:
- Open Settings > Passwords > Security Recommendations (you will be prompted to enter your passcode for access).
- Toggle on the “Detect Compromised Passwords”. You can toggle this off at any time, but you will be at high risk of having your personal information compromised.
The screen will display a list of High Priority password security issues, with one of three alerts:
1. “This password has appeared in a data leak, which puts this account at high risk of compromise. You should change your password immediately.”
Data leaks are the first step to a data breach. If you receive this alert, your sensitive data is in danger – it’s strongly recommended to follow the notification’s prompts.
2. “You’re reusing this password on other websites which increases the risk to this account if one of those other accounts is compromised.”
Re-using passwords has a domino effect if a data leak occurs, leaving all accounts that reuse this password at risk of compromise.
3. “This password is easy to guess.”
Cybercriminals’ hacking methods are becoming more sophisticated by the day. Weak passwords are easier to crack and hackers are more likely to gain unauthorized access to your account if you are using one.
Read Apple’s Guide to Password Security Recommendations.
How To Protect Against Data Leaks
Use Password Managers With Caution
Password managers are a popular choice for users looking to store their credentials efficiently, without the pain of memorizing countless unique passwords. All major browsers currently include password management functions, including Safari, Chrome, and Firefox.
There are also many third-party password management solutions, like 1password and LastPass. They operate by storing a single master password, secured by strong encryption algorithms and methods, such as hashing.
While these solutions use strong cybersecurity methods to ensure the protection of your personal information, it’s important to remember that all third-party providers carry risks. For example, LastPass was targeted by hackers in a data breach in 2015. While master passwords remained safe, other sensitive data was compromised, including:
- User email addresses
- Password reminders
- Server per user salts
- Authentication hashes
Learn how to avoid data breaches with this free guide >
Keep Your Software Up To Date
Zero-day vulnerabilities emerge daily and developers work quickly on software patches before cybercriminals exploit them. These security updates are only effective if users are also quick to install them. While updates can be a slight inconvenience, allowing a cybercriminal to gain access to your personal information is much worse.
Get a free evaluation of your organization's data breach risk, click here to request your instant security score now.
Change Your Password Regularly
Many apps and services require you to update your password regularly to maximize account security. For those that don’t, it’s still best practice to do so. Periodic updates create a smaller window of opportunity for hackers in the event of a data breach and serve as an ongoing reminder of what accounts you have active.
Delete Inactive Accounts
Accounts use no longer use are an easy target for cybercriminals as their security protection is more likely weaker than that of your frequently used services. Keeping track of all your accounts and deleting any inactive ones is a simple way to decrease your vulnerabilities and maintain visibility over your attack surface.
Set Up Two-Factor Authentication (2FA) or Multi-Factor Authentication (MFA)
Harsher regulations for third-party data breaches means organizations (especially SaaS products and services) are focused on enhancing account security. Most reputable online services require or at least strongly recommend setting up 2FA or MFA to secure account access. These mechanisms provide additional protection against account compromise by prompting extra authentication, such as biometrics, security codes, or one-time passwords (OTPs).
Create Unique and Strong Passwords
Weak passwords leave your accounts vulnerable to brute force attacks, a popular credential-guessing method used by hackers to gain authorized access to sensitive data. If one password is exposed in a data leak, then all accounts that use the same password are now at risk too. Creating new passwords across all accounts costs time, but a hacker accessing your credit card details will cost you money.
Learn how to create a secure password >
Get a free evaluation of your organization's data breach risk, click here to request your instant security score now.
.jpeg){kind=avatar}
