Attackers are said to be increasingly using weak, stolen, or otherwise compromised credentials to breach organisations
US business and media publication Fast Company was forced to shut down its website after it was hacked and "obscene and racist" notifications were sent to Apple users (via the iPhone maker's Apple News service), showing yet again how vulnerable organisations are to such attacks.
"Attackers are increasingly using weak, stolen, or otherwise compromised credentials to breach organisations," warns Andy Harris, CTO, Osirium. "Although many businesses have taken steps in implementing rigorous password policies, SysAdmin credentials still need protecting from abuse. Password education is a good place to start – and not sharing credentials is critical, as proven in the Fast Company breach. Sharing passwords negates individual accountability – something that Privileged Access Management [PAM] can preserve in a way that Password Vaults cannot."
"When access is controlled, breach attempts can be thwarted. This is because the passwords required to access the most valuable resources no longer need to be remembered or shared. PAM would have afforded the Fast Company visibility and control of the privileged accounts within the entire IT landscape, enabling them to delegate access to the users that need it and mitigating the risk of breach."