Founded in 1993, Nvidia has over 6,000 employeesGPU manufacturer Nvidia has announced that user data has been compromised after unauthorized third parties gained access to its Forums database.
The stolen information is believed to comprise:
- username
- email address
- hashed passwords with random salt value
- public-facing "About Me" profile information
Nvidia has said it's "continuing to investigate this matter and is working to restore the Forums as soon as possible. We are employing additional security measures to minimize the impact of future attacks.
"All user passwords for our Forums will be reset when the system comes back online. At that time, an email with a temporary password, along with instructions on how to change it, will be sent to the user’s registered email address."
As Nvidia took the precaution of hashing user passwords with a salt before storing them, it makes it more difficult for hackers to crack them and turn them into readable passwords to gain access to the Nvidia accounts. As Nvidia have now disabled their forums it's unlikely that user accounts on their service could be accessed anyway.
The real problem for users lies away from Nvidia, and on sites where they have used that same password. It's an especially critical problem for those who have used the same password for the email account they signed up to Nvidia forums with. Once the hashed password is cracked, the hacker is only a step away from gaining access to their email account.
This is why it's critical that you use strong passwords and never use them more than once. Using different passwords on all of your websites isolates your exposure should one site be compromised. Making your passwords complex means that if even a hashed password is stolen, it's much more difficult for the hacker to run through all its permutations and crack it.
my1login has a free password generator which will generate strong, complex passwords for you. Should you choose to store them within the my1login password manager then, as you no longer have to remember them, you have the freedom to make all of your passwords complex and unique, building a fortress around your online identity.
Further Reading:
Related Articles
The 3 Steps to Passwordless
More than 80% of all enterprise data breaches are made possible by weak or stolen passwords. The majority of employees who have already been scammed through...Single Employee Credential Wreaks Havoc For US-based, Cyber Vendor
You may have seen in the press this week that a major, US-based, cyber security vendor fell victim to a data breach. This particular breach involved compromised...
