Research from NordPass has revealed that retail and e-commerce employees often use shockingly weak passwords, making it very easy for hackers to access accounts and potentially ruin companies.
Here are the top 10 passwords in the Retail and E-commerce industry:
- Company name*
- Company name1*
The researchers analysed data from public third-party breaches that affected Fortune 500 companies. In total, the analysed data included 15,603,438 breaches and was categorised into 17 different industries. Researchers looked into the top 10 passwords used in each industry, the percentile of unique passwords, and the number of data breaches affecting each industry.
Weak passwords are one of the top causes of data breaches in business
Businesses and employers need to take extra care when it comes to cybersecurity. Back in February, a water treatment facility in Florida had a serious computer breach. The company used an unsupported version of Windows with no firewall and shared the same TeamViewer password among its employees.
In December 2020, SolarWinds suffered from a big data breach, reportedly due to protecting one of their servers with the password “solarwinds123”.
Security expert at NordPass, Chad Hammond, says businesses have a duty to protect their customers’ data.
“A weak password of one employee could potentially jeopardise the whole company if an attacker used the breached password to gain access to sensitive data.”
Data breach cost
According to an IBM report, the average global cost of a data breach is $3.86 million. However, a data breach in the healthcare industry costs a staggering $7.13 million. Out of all countries, data breaches in US-based companies are the most expensive — $8.64 million.
According to Statista, the cost consists of things like: lost business resulting from diminished trust or confidence of customers; costs related to detection, escalation, and notification of the breach; ex-post response activities, such as credit report monitoring.
Similarly, countries in the European Union face GDPR fines, which are a maximum of 20 million or 4 percent of the annual global turnover, whichever is greater.
So how can businesses increase their password hygiene?
1. Create complex and unique passwords, update them often, and store them in a password manager
A password manager for company-wide use is the best way to maintain security over your business accounts. It is a secure way to store, share, and manage passwords in a single place.
2. Use multi-factor authentication or single sign-on
Companies should use multi-factor authentication where available for an added layer of security. Another great idea is to leverage single sign-on and password synchronisation. This way, employees are less likely to revert to bad password practices, such as creating common passwords or writing them down.
3. Educate your employees on password hygiene and potential risks
Employees should avoid mixing their work and personal accounts. This ensures that not only is their personal identity protected, but any information related to their employer is also safeguarded in the event of a breach.