200,000 Estonians' social media passwords breached ({{commentsTotal}})

Photo is illustrative.
Photo is illustrative. Source: (SIPA/Scanpix)

CERT Estonia, the Information System Authority (RIA) organization responsible for the management of security incidents in .ee computer networks, informed nearly 200,000 Estonians via their employers that their social media passwords had been leaked.

CERT director Klaid Mägi told ERR that while it was previously known that the passwords in question had leaked as hashes, i.e. in encrypted form, the RIA found out on Wednesday that the passwords had been breached.

"Information that the passwords had leaked was received a year or a year and a half ago, and at the time we informed all institutions that hashed passwords had leaked and we must be prepared that some bad person will crack the hashed passwords and access the real passwords," Klaid recalled. "We called on everyone to change all their passwords."

Two days ago, however, CERT found out that someone had actually done exactly as they feared and cracked the hashed passwords.

According to Mägi, CERT has since once again contacted all institutions and organizations, including nearly 200,000 people, whose email addresses end in .ee.

CERT sent each institution a list of specific people's email addresses which were affected by the breach. Their warning, however, will not reach those whose usernames are not connected to Estonia, which means that the total number of those affected may actually exceed 200,000.

Anyone interested in checking whether their own social media account passwords have been leaked can do so at the CERT-recommended website haveibeenpwned.com. Mägi recommended that anyone with a social media account should do so just in case.

CERT also continues to recommend practicing good cyber hygiene and regularly changing your passwords.

A strong password is unique to each account, at least 9-10 characters long, and includes both upper and lower case letters, numbers and punctuation marks.

Editor: Aili Vahtla



ERR kasutab oma veebilehtedel http küpsiseid. Kasutame küpsiseid, et meelde jätta kasutajate eelistused meie sisu lehitsemisel ning kohandada ERRi veebilehti kasutaja huvidele vastavaks. Kolmandad osapooled, nagu sotsiaalmeedia veebilehed, võivad samuti lisada küpsiseid kasutaja brauserisse, kui meie lehtedele on manustatud sisu otse sotsiaalmeediast. Kui jätkate ilma oma lehitsemise seadeid muutmata, tähendab see, et nõustute kõikide ERRi internetilehekülgede küpsiste seadetega.
Hea lugeja, näeme et kasutate vanemat brauseri versiooni või vähelevinud brauserit.

Parema ja terviklikuma kasutajakogemuse tagamiseks soovitame alla laadida uusim versioon mõnest meie toetatud brauserist: