Black Friday and Cyber Monday are just around the corner, and that means consumers across America will soon be in a shopping frenzy. Scoring the best deals on holiday gifts is awesome and all, but don’t let the shopping mania distract you from retail cyber security.

The latest in massive data breaches: adult dating and entertainment company Adult Friend Finder Network has had the information of over 412 million accounts comprised in an attack on their database. The breach included “339 million accounts from AdultFriendFinder.com, which the company promotes as the ‘world's largest sex and swinger community.’”

In a recent study, the Ponemon Institute interviewed 3,476 IT professionals and IT security practitioners from the US and around the globe. It was discovered that 73 percent of respondents find cloud-computing and cloud-based services vital to their organization’s operations. 54 percent however, said that their companies don’t have a proactive approach to security. As cloud-computing becomes more useful and popular, it is critical to pay attention to the security of these cloud services, especially when the customer data stored in the cloud is the data most vulnerable to hackers. According to the report, “protection of data in the cloud is important but not practiced.” Security breaches result in a lack of customer trust, which leads to a decline in revenue.

Two weeks ago, we predicted that distributed denial-of-service (DDoS) attacks using Internet of Things Botnet armies would become more frequent and more severe. Unfortunately, these predications are quickly coming true. On October 21^st, a massive DDoS attack was launched against New Hampshire-based DNS provider, Dyn. Hackers used a publicly available Mirai source code to create a Botnet army and infect an estimated 500,000 or more devices, overwhelming Dyn with enormous amounts of junk traffic. Major websites who use Dyn, like Amazon, Twitter, Spotify, and Netflix, were brought down for hours. What’s worse, these compromised devices remain accessible to hackers. An IoT device could be anything from a CCTV camera to a printer. The devices often have weak passwords, as most manufacturers and users are not concerned with securing their products. Many of the devices used in the attack were products of the Hangzhou Xiongmai Technology of China, and the company is now recalling some of its devices, and issuing patches for others.

With cyber security news dominating headlines, you’ve no doubt heard of the many security threats facing you and your business. Passwords are essential to protecting yourself from hackers, but it is difficult to keep your passwords varied and strong.