Six people including both Russian and American citizens were indicted yesterday in New York for hacking into 1,600 StubHub accounts and stealing more than 1.6 million dollars in tickets. StubHub is a website where people can buy and sell sports and entertainment tickets. Although the accounts hacked were StubHub accounts, it appears the fault was not that of StubHub, but rather of individual StubHub customers whose passwords and user names were obtained through hacking of other companies or through the use of keystroke logging malware programs unwittingly downloaded, most likely through phishing emails to the victimized consumers.
For those people who used the same user name and password for all of their accounts, this hacking is another example of why you should not do so. Using the same user name and password puts you in danger in all of your online accounts if merely one of your online accounts is hacked. The better course of action is to use a different user name and password for every account that you use. Although this may seem like a complicated thing to do, it need not be so. Just adding a couple of letters describing the account to your password can provide you with much added security. So for example if you used the basic, safe password of “IHatePasswords123!” which is a strong password and then added a few letters to describe the particular account such as a StubHub password of “IHatePasswords123!StubHb” you would have a difficult to break, but easy to remember password. As for protecting yourself from downloading keystroke logging malware by which you unknowingly download malware that provides access to all of the personal information on your computer the key thing to remember is to never click on a link or download an attachment unless you are absolutely positive that it is legitimate and you have independently confirmed its legitimacy. Also, you should maintain your anti-malware and anti-virus software up to date with the latest security patches.