Hello there Photo Finish faithful! We wanted to reach out with some Good News and some Bad News.
The Good News
Your horses, CROWN, and DERBY are valuable!
The Bad News
Hackers are trying to steal them from you!
There have been multiple players in the past week that have gotten their login / password credentials stolen. We have a few good safeguards in place to minimize damage once they get in, but every time this happens it obviously makes us all not feel good and every loss is loss, no matter how big or small. You should all feel quite proud of having valuable asset(s) under your possession, so now, protect it!
Its just 3 pretty simple steps:
1) DO NOT USE RE-USED PASSWORDS
An extremely common tactic out there is ‘credential stuffing’, where bad actors download a list of emails and passwords from the dark web or pastebins, and try them against every single site known to man. They’ll take a netflix login and try it against ebay, facebook, or PFL for example. For PFL (and every site), create a new an auto-generated password!
2) TURN ON MFA (ON A SEPARATE DEVICE)!!!! Multi-factor authentication requires a bad actor to have access to both your authentication device and your account credentials. At the small cost of a slight hassle of typing in a code, you’ve basically got the security of the nuclear launch codes.
3) DO THE SAME FOR YOUR EMAIL! I meet so many people that have the same yahoo or aol email from 20 years ago with the same password they had from college. Those people are ngmi in crypto. Be paranoid that someone is silently pilfering everything you get. Set up MFA and a new secure password on your email so that people aren’t getting access to everything else right as you change it!
To see how many times your credentials have (knowingly) been leaked so far, you can always check: https://haveibeenpwned.com/