UPDATE
Breakups can be traumatic in all sorts of ways. Now we know they can pose a serious cybersecurity threat too. A new survey found that an alarming number of people are still accessing their exes’ accounts without their knowledge — a handful for malicious reasons.
The survey conducted during November for Reboot Digital PR Agency found that 70 percent of exes polled have logged into their former partner’s Instagram account in the past week. And a full 65 percent of those who report social-media snooping said it had become an “obsession.”
This kind of social-media stalking is primarily fueled by curiosity, according to the report, but in a handful of cases, these breaches can present a real threat.
“Most exes claim that they still log into past partners’ social-media accounts to ‘see if they have met someone new,'” according to Reboot’s report, “with 59 percent of participants admitting this was the main reason.”
Curiosity is one thing, but troublingly, 13 percent confessed they logged in to “seek revenge.”
Common accounts for stalker exes to access, the report added, include Instagram, Netflix, Facebook, email, Spotify and Twitter.
The report said that they found only 23 percent of account-holders were aware their former partners still had access.
The report also discovered that many exes (32 percent) stop logging in about six months post-breakup, with others stopping around the 10 to 12-month mark (18 percent). Shockingly, however, 17 percent of participants admitted to logging into their ex’s social accounts 2 years after a breakup.
Exes’ Protection
Smart-security practices like not sharing passwords with anyone and multi-factor authentication (MFA) are two simple ways to prevent this type of personal insider threat, Dan Conrad, field strategist with One Identity, told Threatpost.
Most common accounts accessed by exes. Source: Reboot.
“People assume that they should change their passwords after a big life event, however, if you’re following strong password hygiene practices, an individual’s password shouldn’t be affected by [this], as no one else should have access to the password in the first place,” Conrad said in an emailed response to the report.
“With many applications requiring MFA, passwords have become a part of the authentication process, making credentials no longer enough to break into an account,” Conrad said.
He added that research shows that the more frequently users change their passwords, the weaker those passwords tend to become.
Personal Threats Meet Professional
Much like at companies and other organizations, insider threats can impact individuals and their personal data. And with the pandemic continuing the blur the lines between both, an ex’s data breach could quickly balloon into a serious professional problem too.
During a recent Threatpost webinar on insider threats Craig Cooper, Gurucul COO explained how dangerous insider Threats to business can be, including a threat actor targeting a specific employee.
“The question is often: What might they be looking at? And often, when you are talking about insider threats on the physical side, it could be someone targeting a specific person,” Cooper said. “That’s not very comfortable to think about, but that’s obviously something that could happen. This happens with workplace violence and those types of things.”
Employees with personal problems, like a breakup or divorce, should not automatically be identified as “high risk.” When a personal struggle presents itself in the workplace, then that would be just one indicator of risk. Security really does need additional risk indicators to formally identify the employee as “high risk” for insider data leaks or breaches, according to Code42’s CISO Jadee Hanson, who spoke with Threatpost last in March 2019.
Hanson added that an insider risk program should be “…built on a strong partnership with HR and whatnot, but having a program that looks for a disgruntled employee, that looks for abnormal behavior, that looks for language being used in emails that might indicate an employee is on the brink of doing something that they shouldn’t be doing. Even things like performance improvement plans or if you know that the employee is leaving the company. All of these things indicate risk aspects for an individual employee, and monitoring that behavior for that employee is what needs to be put in place.”
Access Mitigation
Cooper, along with Gurucul CEO Saryu Nayyar, explained that the critical mitigation for businesses to protect from insider threats is paying meticulous attention to permissions and who has access to important data. That same advice, much like the threat itself, also applies to personal accounts.
Beyond not sharing passwords to your accounts and using MFA whenever possible, Conrad stressed the importance of using strong, unique passwords for every account.
“Instead of focusing on how often to change a password, it’s essential to focus on not only meeting complexity requirements but also ensuring the password is unique to each account,” Conrad warned. “To help juggle passwords, people should use a reputable password manager as these systems generate complex passwords for each account, alert the users if accounts have the same password and interject complex credentials when required. The bottom line is that how frequently you change a password isn’t as important as how strong your password is.”
(This article was updated on Jan. 6, 2021 at 5:03 p.m. ET to more accurately reflect Code42’s CISO Jadee Hanson’s thoughts on the threats discussed in this article.)
