Sponsored Content

New York AG Warns 17 Firms of Credential Attacks

credential stuffing cyberattack
Sponsored by:
minute read

Sponsored: Password security is highlighted in attorney general warning to New York state businesses.

New York Attorney General Letitia James reported 1.1 million credentials tied to 17 “well known” state businesses were compromised in recent cyberattacks.

According to the alert, many of the firms were unaware that that their customer’s passwords had been compromised. The bulletin was issued January 5 and part of what appears to be a public awareness campaign around credential stuffing.

Cybersecurity tied to employee and customer passwords (also referred to as credentials) are often a security soft spot for companies and the door used by adversaries to infiltrate a business. The management of credentials, according to James, needs to be a central focus in thwarting so-called credential stuffing attacks.

Password Management Webinar

“Right now, there are more than 15 billion stolen credentials being circulated across the internet, as users’ personal information stand in jeopardy,” James said. “Businesses have the responsibility to take appropriate action to protect their customers’ online accounts.”

Employees Reuse Consumer Service Passwords for Work 

Often for companies, credential stuffing and password management is perceived as a company-specific issue. However, given that employees reuse passwords for work and consumer services the scope of the threat can impact multiple accounts, according to experts discussing password security in a recent Threatpost webinar, Password Reset: Claiming Control of Credentials to Stop Attacks.

In this recent Threatpost roundtable event sponsored by Specops Software, security expert Darren James was joined by credential expert Roger Grimes, a defense evangelist with KnowBe4. Speocops’ James and Grimes offer a glimpse at today’s (2022) cybersecurity landscape and how to fight credential attacks and keep mitigation costs down.

The average cost of one help desk call to reset a password costs an organization $70, according to Specops’ James. “Multiply that by thousands of employees and that bill starts to add up,” he said.

Make Credential Management & Security Central to 2022

Register and stream a FREE  information session – sponsored by Specops Software – on credential management and security

Takeaways Include:

    • What makes a good password in 2022?
    • Modern credential management for the enterprise.
    • How to mitigate a post-credential breach. 

Also learn how modern cybergangs are exploiting sloppy password hygiene and how to streamline smart password management across an organization.

Register to view the on-demand event: Password Reset: Claiming Control of Credentials.Password Specops Webinar

Suggested articles

The Art of Non-boring Cybersec Training–Podcast

With human error being the common factor in most cyberattacks, employee training has got to get better. To that end, Trustwave cybersec training expert Darren Van Booven explains the importance of fish stress balls and management buy-in.

Cybersecurity for your growing business
Cybersecurity for your growing business

Topics

Show all

Authors

Threatpost

InfoSec Insider

Infosec Insider Post

Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.

Sponsored

Sponsored Content

Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.