A lot of internet users are reusing the same password across multiple services. That gives hackers opportunity to use the passwords stolen from one service on another one.
On December 2017 massive passwords database was published. There is total of 1.4 billion of emails with passwords. Part of services where passwords was stolen is huge: Last.FM, Bitcoin, Pastebin, LinkedIn, MySpace, Netflix, YouPorn, Zoosk, Badoo, RedBox, games like Minecraft and Runescape, Anti Public, Exploit.in ….
We have purchased that list of all passwords and filtered our users. We force every affected user to change it passwords. It’s only matter of time when somebody else will start using your email account if password will not be changed.
How to protect yourself in the future:
1. Don’t use the same password for different services.
2. Use password manager software to remember all passwords and make it secure.
3. Always use two pass authorizations on every place where it exists
4. Don’t use easy guessing passwords