It has recently come to light that millions of passwords for major accounts such as Facebook, Google, LinkedIn, ADP, and Twitter have been stolen over the past month, according to Trustwave researchers. This is thanks to malicious keylogging software that found its way onto hundreds of thousands of victim computers and leeched away private data. No one is completely sure how this malware made its way onto all of these computers, but what's important to know at this point is what to do to protect yourself in case you were one of those affected.
First things first, change your passwords! Make sure you interrupt any access that the thieves may have had to these accounts as soon as possible. A lot of these companies have warned their users that their accounts may have been compromised, but some have not, so err on the side of caution here. If you have an account with Facebook, Gmail, Google+, YouTube, Yahoo, Twitter, Odnoklassniki, ADP or LinkedIn, it's possible that the bad guys may have access to your accounts. Change all of these passwords.
A couple of very important password rules come to mind here as well:
Use Different Passwords- There is a great deal of damage that can occur after an intrusion if you are using the same password for all of your online accounts. Doing this places all of your online accounts behind a single entry point or single point of failure. If a hacker somehow gets their hands on your email password (for example) they will commonly attempt to access other accounts using the same credentials. So, though it can be cumbersome at first, make the extra effort to use different passwords for different accounts.
Stronger Passphrase- In the wake of recent data breaches where the attackers have posted stolen passwords online, it is still quite evident that while most people are aware of the importance of a strong password, not all are practicing this. A strong passphrase should consist of upper and lower case letters, numbers and symbols. It is also critical that it be no less than 8 characters in length (the longer the better). An easy way to come up with one is to start with a phrase that you can easily remember. Take “chicken and waffles” for example. You could use something like “ch1ck3n@ndWaffl3S!”. Also remember to avoid using the same password across multiple accounts.
Do your best to prevent this malware from getting onto your machines in the first place by practicing strong security procedures through layers such as a strong (properly configured) firewall, anti-virus, and email filtering, but also know what to do in case all of those layers didn't work.