- 21% of employee accounts could be hacked, according to a report from the US Department of the Interior.
- Nearly 500 employees used password 1234 to protect their accounts, according to the report.
Everyone who has attended a workplace cybersafety training has heard these phrases repeated repeatedly. Special characters. Regular changes. Don’t click on suspicious links.
It turns out that password safety is still a problem, even among federal employees. A report from the Department of the Interior found that the most commonly used password was “Password-1234.”
According to Kathleen Sedney, assistant inspector general for audits, inspections, and evaluations, her team broke into 21% of the department’s active employee accounts. There were 18,000 accounts, of which 288 had elevated privileges and 362 were senior-level.
According to the report, 478 accounts used the dreaded “Password-1234.”
In an op-ed in the Washington Post, Mark Lee Greenblatt, inspector general for the Department of the Interior and chair of the Council of Inspectors General on Integrity and Efficiency, urged everyone to heed the report’s warnings.
The Interior Department’s employees use passwords in a similar way to most Americans, so if this problem exists in my department, it could exist across the federal government and in business offices and homes nationwide,” Greenblatt wrote.
Also, 99.99% of the 18,000 accounts that staff cracked met the Department’s password complexity requirements, including “Password-1234.”
During the investigation, the Department examined the May 2021 Colonial Pipeline ransomware attack, which led to a major gas shortage in the eastern United States. The hackers needed only one stolen password to launch the attack.
The report suggests using multi-factor authentication and using passphrases, which are strings of unrelated words over sixteen characters. Greenblatt notes that anyone can use this advice, regardless of whether they are at work or at home.
Also Read:
1 Comment