Archive for the ‘Gawker Security Breach’ tag
Zappos/6pm Security Breach
Zappos/6pm security breach: Your info could be at risk. If you reused your password/email address combo from either of these sites elsewhere, then change it!
See article from COMPUTERWORLD here:
http://blogs.computerworld.com/19584/zappos_security_breach_your_data_hacked
Here’s the letter from 6pm.com:
First, the bad news:
We are writing to let you know that there may have been illegal and unauthorized access to some of your customer account information on 6pm.com, including one or more of the following: your name, e-mail address, billing and shipping addresses, phone number, the last four digits of your credit card number (the standard information you find on receipts), and/or your cryptographically scrambled password (but not your actual password).
THE BETTER NEWS:
The database that stores your critical credit card and other payment data was NOT affected or accessed.
SECURITY PRECAUTIONS:
For your protection and to prevent unauthorized access, we have expired and reset your password so you can create a new password. Please follow the instructions below to create a new password.
We also recommend that you change your password on any other web site where you use the same or a similar password. As always, please remember that 6pm.com will never ask you for personal or account information in an e-mail. Please exercise caution if you receive any emails or phone calls that ask for personal information or direct you to a web site where you are asked to provide personal information.
PLEASE CREATE A NEW PASSWORD:
We have expired and reset your password so you can create a new password. Please create a new password by visiting 6pm.com and clicking on the “Create a New Password” link in the upper right corner of the web site and follow the steps from there.
We sincerely apologize for any inconvenience this may cause. If you have any additional questions about this process, please email us at passwordchange@6pm.com.
For website logins, it’s always wise to create a new password for each site and NEVER reuse your email password ANYWHERE!
Also see our MacMedics Blog post from 2010 here: MacMedics Security Alert: Only Use Your E-Mail Password For Your E-Mail Account (Gawker Security Breach)
MacMedics Security Alert: Only Use Your E-Mail Password For Your E-Mail Account (Gawker Security Breach)
If you have an e-mail account, this applies to you.
You may have read in the news that Gawker Media angered the hacker community and was attacked as a result. Not the end of the world, but here’s a tip: don’t upset hackers.
Well, I came to find out that my Gawker password and username were on the list of passwords that were stolen by the hackers. In fact, LinkedIn saw my e-mail address on the list and compared it to their list of accounts and just froze my account, just to be safe.
If you ever commented on any of the Gawker websites, your info could be at risk. You can find out if your data is on the list that hackers now have in their possession by using this free tool: http://www.didigetgawkered.com
What are hackers going to do with this data? They are going to try and hijack your e-mail and Twitter accounts. Over the last few days we have had a number of clients who are having issues with e-mail accounts being hacked. Even before the Gawker security issue, this type of attack has been on the rise.
You should never use your e-mail password anywhere but in your e-mail account.
Change your password fairly often; once a month is generally a good rule of thumb.
If you ever sign into your e-mail from a public Wi-Fi hotspot, your account info could be “sniffed” out of the Wi-Fi and used to send SPAM from your e-mail. How common is this? Pretty common; in fact, it happened to one of our employees, and it happens all the time.
If you’re travelling and you need to check your e-mail, check it via webmail, which uses a secure connection to send your password. Also, beware of using publicly accessed computers at hotels, airports, coffee shops, and Internet cafes, as these computers are often not totally secure or have virus or malware software installed on them which can send your keystrokes to someone else, who will try to use them for their own benefit.
For more info on this topic right from Gawker, be sure to read this post.
Someone performed a detailed analysis on the list of hacked passwords and found the most popular password among nearly 400,000 exposed by the Gawker hack was “12345”. The word “monkey” and the phrases “letmein” and “trustno1” also made the top-ten most common passwords that appeared on the list.
For instance, a 7-digit, all-number password (like an old phone number) can be cracked in as little as 17 minutes using the weakest type of attack. Using a strong attack method, a 7-digit, all-number password can be cracked instantly. Your password should be a mix of letters, numbers, and symbols, with varying capitalization as well. See this chart to see how you stack up.
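To put numbers on the two paragraphs above, here is an added example (not part of the original post) that estimates worst-case exhaustive-search time from a password's length and character classes, and treats the four list passwords named above as guessed immediately. The guess rate is an assumption derived from the post's own figure (all 7-digit numbers in 17 minutes), and the function names are made up for this sketch.

```python
import string

# The four passwords the post names from the Gawker top-ten list.
COMMON = {"12345", "monkey", "letmein", "trustno1"}

# Assumed guess rate: the rate at which 10**7 candidates take 17 minutes.
PAGE_RATE = 10**7 / (17 * 60)  # roughly 9,800 guesses per second

# Character classes a password can draw from (ASCII only; other
# characters are ignored by this estimate).
CLASSES = (string.digits, string.ascii_lowercase,
           string.ascii_uppercase, string.punctuation)


def charset_size(password):
    """Combined size of every character class the password uses."""
    return sum(len(c) for c in CLASSES if any(ch in c for ch in password))


def keyspace(password):
    """Number of candidates of this length over that character set."""
    return charset_size(password) ** len(password)


def worst_case_seconds(password, rate=PAGE_RATE):
    """Seconds to try every candidate; 0 if a wordlist finds it first."""
    if password.lower() in COMMON:
        return 0.0
    return keyspace(password) / rate


def describe(seconds):
    """Render a duration in the largest unit that fits."""
    for unit, span in (("years", 31536000), ("days", 86400),
                       ("hours", 3600), ("minutes", 60)):
        if seconds >= span:
            return f"{seconds / span:.1f} {unit}"
    return f"{seconds:.1f} seconds"


if __name__ == "__main__":
    # Constructed sample passwords, for illustration only.
    for pw in ("5551234", "monkey", "TrustNo1", "abcdefg", "Tr0ub4dor&3"):
        print(f"{pw!r:>14}  alphabet={charset_size(pw):>2}  "
              f"{describe(worst_case_seconds(pw))}")
```

The mixed-class sample comes out at billions of years at the same rate that exhausts seven digits in 17 minutes, while the wordlist entries fall at once regardless of their length or alphabet.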

