Think Twice Before Tweeting About a Data Breach

Rushing to let the world know about a data breach that where your info may have been compromised can make things much worse for you. Many people learned this the hard way recently. Here’s the scenario…

NetGalley, a website that provides advanced e-copies of books to reviewers, emailed users just before Christmas that the company had suffered a “data security incident”. It was a fairly serious one, too. The compromised database included such sensitive info as usernames and passwords, names, email addresses, mailing addresses, birthdays and company names.

Hackers love it when their victims make it worse
What happened next, though, is where things get truly interesting. NetGalley’s users tend to be a very online crowd. Eager to be the first to share breaking news, many of them quickly took to social media and started discussing the incident without first considering the information they were putting up for all the world to see. 

These folks actually made themselves even more vulnerable! 
One user Tweeted a complaint in which he griped about having to change all his passwords, since he re-used his NetGalley password all over the place. Hint: If you’re going to commit the security sin of password reuse, don’t tell the world about it.

Another user Tweeted an image of the email she received from NetGalley—complete with her full name, which had previously been masked. NetGalley allows users to create usernames so they can communicate anonymously. Not anymore for this user!

Several others made a similar error, revealing their NetGalley usernames in a Twitter account under their actual names. Hackers love this type of information, as many people reuse usernames across several accounts.

© National Security Institute, Inc.


Protect Yourself & Your Company From Cybercrime

Solution Overview

SecuritySense is a subscription-based content service that delivers you a consistent supply of fresh cybersecurity awareness content so you can easily maintain an ongoing cybersecurity brand awareness campaign

Unique Content Strategy

People pay attention to content they find personally relevant. SecuritySense  doesn’t feel like you’re being given extra work to do. It’s a blend of personal and work-relevant cybersecurity tips, warnings, human interest stories, instructions, news and insights that everyone looks forward to receiving. More about our content strategy

The Secret to Creating Awareness

Brand marketers know if you want to create awareness you have to do two things.  Steadily promote your message and make sure that message offers content that personally resonates with your audience. SecuritySense makes it easy for you to do both. 

Compare Our Per Employee Cost

Compare our per employee annual cost with the $8.00 – $20.00 seat licenses you might pay for training platforms. It’s a no-brainer to add SecuritySense to your overall program.
See pricing