
A hacker could ruin your life. It did this guy’s.


23 days ago


What follows is a harrowing story and it's something that could happen to many of us.

The actual story is behind the WSJ paywall, so I will break it down for you here, but if you can, read the full story.

A guy downloads a snazzy AI tool that converts text to video.

It works great, except it's actually malware that gains access to all of his digital activity and captures all his keystrokes.

Through the tool, the hackers get access to his 1Password account, so they effectively have access to every single account and password he has.

Including his work Slack account. He works at Disney, so now the hackers can get into Disney's corporate Slack.

(Side note: I always thought Slack was a bad idea, and the thought of it replacing email was always BS. It just added more crap on top of email. Disney says it already had plans to get rid of Slack.)

Disney gets hacked thanks to all of this, the guy gets tormented by the hackers — all of his activity is exposed online — and ultimately Disney also fires him for accessing adult content on his work laptop. It is unclear whether it was actually his doing or the hackers put it there. They really tortured this guy.

There are a few takeaways for me:

#1 Don’t download random software you don’t know, especially if it is free and useful. If you find it valuable and it's free, then often you are the prize.

#2 Password managers are the go-to recommendation from security professionals to protect your online access, but I have always been wary of them.

I always feared that if the password manager itself got hacked, your entire digital presence would be vulnerable. That is just what happened here.

If you are going to use one, make sure you also use two-factor authentication, and make sure it's on something like your phone, not in the same password manager.

#3 Make sure to use two-factor authentication (2FA), make sure it goes to your phone, and use another source such as an authentication app like Authy, Google Authenticator, Duo, etc.

A single download completely wrecked this person’s life and career. It’s a sobering reminder of the risks in our digital world. Stay vigilant out there.

Read the full story here at the WSJ, written by Robert McMillan.

Edwin Marcial

Published 23 days ago
