First, on the company side, they didn’t take any special steps to secure the administration file, which gave the hackers the keys to their virtual kingdom and made it possible for them to swoop in and steal literally everything. Worse, their password encryption was weak MD5, 128-bit, rather than the more robust and secure SHA-256. Taken together, these things made such a massive breach possible in the first place.
A forensic analysis of the user account information stolen, however, reveals another, equally troubling problem. The most popular password used by site users? 123456789, and the second most popular being 123456. Obviously, security was not something that Taringa’s users took very seriously either.In any case, if you use the site, then you should change your password immediately, because your account is all but certain to have been compromised. Also of particular import is to change the passwords on any other account that shares the same password you used on Taringa. Once hackers have a password of yours, they’re almost certain to try using it on your other accounts because an alarmingly high percentage of people use the same 1-2 passwords for everything. This means that a breach of Taringa could expose your bank and credit card accounts to risk as well, if you’re using the same passwords on those systems. Read our post on passwords.
While we’re on this subject, if you’re not using a different password for each account you have, you are putting yourself at unnecessary risk. The same can be said if you’re not using a password manager or enabling two-factor authentication whenever it is offered. Do those things, and you’ll be much safer online.