Even worse, the attack was perpetrated thanks to extremely lax password security, which the hackers insisted features embarrassingly easy to use guess login credentials. The attack is a stark reminder for businesses of all sizes that passwords are the first line of defense against these kinds of hacks and that shoring up your security could save you millions. The hack was just the beginning, though. The attacker — who went back the moniker “Thrax” in the initial notification — also gained access to the Fast Company CMS via WordPress. This allowed them to view everything from unpublished drafts to company records, including email addresses and passwords of more than 6,000 employees. Fast Company shut down its website in order to mitigate the damage, as well as the websites for its other publications it owns, including Inc.com and Mansueto.com. However, this cybercriminal didn’t need to do all that, as Fast Company reportedly utilize some extremely lax password security to keep its information safe, which the hacker was able to guess. The hacker posted a message stating that Fast Company utilized unbelievably easy-to-guess passwords to secure its WordPress CMS and, even worse, used that same password for multiple accounts. This gave the attacker access to a wide range of data, including the Apple News API, which allows them to send the push notification to users. It’s not the first time we’ve heard of an attack stemming from an easy-to-guess password. Just a few weeks ago, the hotel chain Intercontinental Hotel Group was infiltrated due to using the password ‘Qwerty1234’. If we’ve said it once, we’ve said it a thousand times: password security is vitally important for businesses in 2022. Until we finally go passwordless, which is certainly still a way off, you need to make sure your accounts are adequately secured with long, unique passwords that can’t be guessed by a random hacker. Password best practices remain hard to follow, though. With all those accounts, it can be impossible to come up with unique options for each one. Fortunately, password managers are designed to do just that, as well as offering other security features that can keep your business safe.