Credential Compromise has been a leading attack vector for the last five years. There are a variety of ways that attackers can do this. It could be by guessing passwords, phishing emails, spyware, or even pulling credentials out of memory. To detect and more proactively defend against credential compromise, organizations need to have visibility into identity, behavior and risk as well as the ability to automatically respond or take action when signs of compromise have been detected.
When Mark Zuckerberg’s passwords were hacked from his twitter and other accounts, that news got everyone’s attention . Online articles suggest that hackers got his password from the 2012 LinkedIn breach where 117 million accounts compromised. Mr Zuckerberg reused his passwords on other services, like Twitter, which got compromised.
This incident along with many other similar hacks proves that cyber-attacks are not isolated events, they are like a giant wave with long-term effects that can set off a chain of events.