Did Your Password Leak Online?

Did you password leak online blog image

Don’t let a password leak become your biggest nightmare

Security breaches plague people and businesses everywhere. A password leak can be a rising concern for consumers and businesses alike. Everyone is at risk of being compromised online. At Net Pay Advance, our technology team aims to identify and tackle issues to protect our customers by avoiding potential scammers. 

Jump to:  

The online era presented us with the opportunity to have the world at our fingertips. It also opened the doors for negative elements that pose a threat to our safety. 

When we engage in online activity, we tend to leave pieces of information on the world wide web. Think of all the times you’ve signed up for a subscription with your email address or phone number. Most of us have shopped online and entered financial information into a browser window. Often, we enter sensitive information such as our social security number when prompted. For the most part, so long as we stick to HTTPS URLs, we feel safe.  

However, company breaches and compromised accounts are possible, and can happen anywhere. There is always a possibility of miscreants getting their hands on our information. Even at your local grocery store.  

At Net Pay Advance, we take security very seriously. Our team continuously works to address any and all concerns. We strive to empower you to avoid becoming the next victim of cybercrime.  

Did you know that compromised passwords are at the root of 81% of hacking-related breaches? It is a pretty significant number and can’t be ignored.

Cybercrime at the time of a global pandemic

When the pandemic hit, it changed our lives in a million different ways. With mass hysteria, layoffs at organizations, and a remote work structure, cybercrime was steadily rising. In fact, there was over a 400% increase in online scams in March 2020.  

We spoke to Scott Hoopes, Director of Technology at Net Pay Advance, regarding the rising cybercrime statistics since Covid-19 and he confirmed there was an increase in hackers across the technology industry. Scott said, “While there is not an increase in data breaches, there is an increase in hackers using breached data and an increase in the number of attempts to use the breached data.” 

He adds, “These types of attacks are called password ‘credential stuffing’ and ‘password spraying’ attacks.” It happens when hackers steal information from one place and use it to open accounts elsewhere.  

Scott goes on to say, “Our website, like most others, has seen both of these types of attacks.” Hackers have taken personal information from email services and business data breaches and used it to open financial accounts.” 

“Credential stuffing seems to be the most popular attack,” clarifies Scott. “The breached data is being traded more often and attack platforms are now available as a paid service on the dark web making attacks like these available to even the unskilled hacker.” 

Wondering if you have a breached password? Experts like Scott recommend the website HaveIbeenpwned to check if your email has been stolen in a security breach

Why pay attention to notifications regarding compromised passwords and password leaks?

Password leak iphone notication

When you receive a notification on your phone regarding a password leak, it means that your accounts are no longer secure due to a data breach. The first thing to do is to go ahead and change your passwords.  

We asked Scott for his advice on avoiding security issues and he shared, “The most powerful protection against account takeover is never reuse passwords. Every account you create on the web should have a new, unique, and complex password. If you use unique, complex passwords on every account then you are safe from breached data being used to gain access to your accounts.” 

Just don’t use any of the passwords below. These are the 10 most common passwords, and aren’t secure.

a picture of the 10 most common passwords

Do any of those look familiar to you? Now is the time to update your password.

What can hackers do with your credentials?

We know that there are hackers out there trying to steal people’s information. But what exactly does that mean for us? How does it impact us?  

Scott explained, “Breached data can lead to account takeover… they can do many harmful things like take money, move money, get loans or credit cards in the victim’s name, make purchases, open accounts, close accounts, gain control over their mobile devices etc. All of these things can lead to damaged credit and financial ruin.”

What to do if your password has been breached

In case you encounter a password leak during a data breach, these are a few things you can do: 

  1. Use a tool like Avast Hack Check or HaveIBeenPawned to confirm that the breach did happen 
  1. Identify what sensitive information might have been stolen 
  1. Change passwords to accounts impacted 
  1. Monitor your credit for any suspicious activity 
  1. Back up your valuable information 
  1. Adopt multi-factor authentication if services allow it  

Breaches do happen from time to time and need to be resolved at the earliest. Identity theft is a serious problem. We recommend checking out this resource to know more about identity theft. 

How to keep your credentials safe 

For starters, use secure passwords. You’ll want to use a mixture of uppercase letters, lowercase letters, and numbers. If they allow it, you’ll want to include symbols (such as %$!#@) as well.  

Check the security of a potential password below: 

Password Checker

Type in password to check

6 Characters : Fail
1 LowerCase : Fail
1 Uppercase : Fail
1 Number : Fail
1 Special Character : Fail

Good Password : Fail
Show password
NOTE: Passwords must be at least 6 characters, 1 uppercase letter, 1 lowercase letter, 1 number and 1 special character.

Scott suggests using a password wallet application like Dashlane or Keepass to keep your credentials safe from a password leak. These applications make managing all those unique passwords easy, and they come with tools that will create complex passwords for the user.

What security does Net Pay Advance have in place to keep our customers’ information safe?

We genuinely care about the online safety and wellbeing of our customers. That’s why Net Pay Advance has measures in place for people whose credentials were stolen from elsewhere and misused at our business.  

We asked Scott to elaborate, and he responded, “Analytics and Customer Service do proactively look for and block fraudulent applications. It’s hard to identify though when a bad actor has stolen a lot of information about the same person. If they have your name, address, social security number, birthday, employment information, and more, it’s tough to spot.” 

What is Net Pay Advance doing to improve?

In addition to advocating for stronger passwords, we are adding multi-factor authentication to help protect against breaches. 

Many of our customers would like to know about our current and ongoing efforts towards keeping information secure. We are continuously levelling up with our security measures. We employ 256-bit encryption in addition to the following: 

  • Web application firewall to protect against mass attacks like credential stuffing 
  • CAPTCHA to ensure only humans (not automated hacker software) can log in 
  • Pre- and post-login monitoring software to alert us of suspicious behavior on our website 
  • Ongoing employee training on cyber security, complete with simulated attacks 
  • As mentioned above, soon we will implement multi-factor authentication which will almost entirely eliminate account takeover 

As the age-old saying goes, prevention is better than cure. It’s best to stay proactive and do our best to prevent cyber-attacks from impacting us. We strongly recommend following simple steps like updating your passwords periodically, avoiding common passwords, and using ones with higher strength. In addition, be mindful of what information you share online. Fraudulent activity can target anyone. Staying on guard and noticing things that are out of place can help identify larger issues. 

For more information on cybersecurity and internet safety, refer to this resource.

Anna Reeve Net Pay Advance author headshot
Anna Reeve

As someone that spent a lot of time reading as a kid, I was deeply intrigued by the written word from an early age. My first full-time job post college was writing content for high-end fashion websites. Following my graduation from the MBA program at Pittsburg State University, I found employment in Marketing. For the last couple of years, I have been creating content on several platforms. I am a proud dog-mom to my black labs – Sky & Harry Potter (took fangirling to a whole new level there!), a connoisseur of Indian cuisine, a mediocre artist, and a reality TV addict.

Net Pay Advance is a licensed loan provider, locally owned and operated in Wichita, Kansas. Our No. 1 priority is helping you, the customer, by providing access to the cash you need and helping support financial independence goals with valuable, informational, and entertaining content. Stay up-to-date on our posts by following the Net Pay Advance Facebook, Instagram, and Twitter pages. Our organization is committed to transparency; learn more about our authors and editorial policy. The information provided within this blog is for educational purposes only and should not be construed as financial or legal advice. Please contact us if you have any questions.