You've been Hacked!

You've been Hacked!

uk2_security_clean-up.jpg

The all too common and feared message "You've been hacked" is something that many online businesses and companies will face in their lifetime.

What does It mean to get hacked?

Getting hacked is when an un-authorized person gains access to your system. This is mostly due to weak or compromised login credentials.

Why do businesses get hacked?

There are many reasons why businesses get hacked. These reasons can't be covered in this blog post but you can read up on It here

How can I protect my business from getting hacked?

Just as there are many reasons why businesses get hacked, there are a number of practices that must be put in place in a business's day to day activities in order to protect itself from a hack. For the sake of this blogpost, we will focus on login credentials .

When your login credentials are easily guessable, you are literally asking to get hacked. These hackers have computer programs that can try a combination of different passwords till one of them eventually works. If you have a password that says "Hello123", It will only take these programs a couple of seconds to guess what It is. This is why businesses should practice using secure passwords, like this .

If you have made use of the same password on different services, there is a chance that one of those services has suffered a data breach at some point in the past. For example Myspace suffered a data breach that left over 360 million accounts affected . The credentials from these breaches are then circulated on the dark web. This is where many hackers get your password from if their tools can't guess what It is.

Luckily you can also know if your password has been hacked. Programs like Unbreached allow you to add a layer of security to your Node.js applications. It allows you to check in realtime if the credentials you are about to use to login have been compromised. For developers that want to build their own solution but need access to the data, Verifiedly offers an API that let's you check if an email or a combination of email and password have both been compromised.