When parents create accounts for their children to play online, they trust that their information is safe and protected. This is especially critical now that children are using online resources more than ever to learn virtually, connect with friends and participate in activities that would normally take place in person.
Therefore, it’s critical to spread awareness about extending security best practices to younger generationsf as the pandemic continues.
Recently, a popular children’s online playground suffered a data breach that resulted in 46 million compromised accounts, including information such as email addresses, names, billing addresses and easily deciphered hashed passwords.
The data was then stolen and shared on a hacker forum, allowing anyone to gain access to these accounts and giving malicious actors an opportunity to exploit the users’ information for their own gain. Unfortunately, this incident is one of many that we’ve seen lately involving breached credentials and other sensitive information. In 2019 alone, roughly 5 billion records were compromised, a 79% increase from 2018.
Furthermore, 98% of all breached data was a result of Personal Identifiable Information (PII), which includes full names, addresses, driver’s license numbers, or other forms of personal identification. These trends only accelerated since 2019, as the pandemic has given bad actors more opportunities to take advantage of others.
Incidents like these continue to happen because people often resort to reusing the same login credentials across all their accounts, instead of trying to remember unique passwords for each account they have. These lax habits enable criminals to easily cross-reference previously breached information and launch credential stuffing attacks or even access higher-profile data, like Social Security numbers and credit card information. This latest breach of a site for children underscores the fact that usernames and passwords aren’t as secure as typically thought.
Fortunately, organizations can leverage modern passwordless solutions like biometrics and multifactor authentication (MFA) to mitigate these threats. MFA can be paired with continuous, contextual verification of every user to ensure their identity to automatically detect suspicious activity.
This authentication method is not only a safer option, but also a practical one, as it allows for a smooth and frictionless login experience without the hassle of remembering a complicated password. Protecting digital identity has never been more important in today’s evolving threat landscape, so organizations need to evolve their authentication solutions to stay secure.