Following a report yesterday that the German authorities revealed one of the biggest data thefts, the stolen email addresses belong to major Internet companies both in Germany and abroad. Fred Touchette, senior security analyst, AppRiver explains why these breaches are more than just an inconvenience and what those involved need to do next: “People often associate this type of breach as just an annoyance when a friend who’s in a victim’s address book reports back to them that they are sending spam and they have to go and change their password. However, a lot of people fail to look at the bigger possible ramifications of a breach of this nature.”

“The report is a little vague about what led to the discovery of this breach, but in the end that isn’t really the most important thing to know right now. The important part is for the authorities in the city of Verden to find a way to disclose whose email accounts were compromised so the victims can properly secure themselves and monitor their accounts for foul play.”

Offering some advice to those caught up in this breach, Fred continues “After this occurs, obviously step one for the owners of these accounts is to change those passwords as soon as possible. It is also very important, as we always say, not to use the same password on several different sites, so this also should be fixed as soon as possible. When this occurs, the bad guys aren’t simply getting access to a legitimate email address from which to send spam, they are also getting access to every other account that shares that password. A few simple online searches, or even simply making a few educated guesses could give these hackers access to bank accounts or shopping sites that may have stored credit card information. From there the hackers can begin making purchases in the victims’ names or even start new accounts in their names utilising information gleaned from these accessible accounts."