Some big websites might require you to change passwords
If you receive an email from Netflix or Facebook asking you to change your password because it matches a credential from an older security breach, you may want to heed its advice. Cybersecurity expert Brian Krebs says some big companies, including the streaming service and the social network, tend to go through data from other websites’ security breaches to look for log-ins that match their users’. They then force those users to change the passwords they reused to keep them safe. If you’ll recall, hackers recently sold the millions of log-in combinations they stole from LinkedIn, Tumblr and MySpace a few years ago.
According to Krebs, Netflix has already begun sending out password resets after scouring the log-in credentials leaked online. The company apparently uses a tool it released in 2014 to comb through leaked log-ins — so, yes, the email is legit and not an attempt to phish for your details. Of course, the best way to ensure you’re safe is to use a unique password for every online account and to delete anything you don’t use anymore.