Info & Advice

Strong passwords are the first step to protecting your online accounts—but not all passwords are created equal. In this blog, we reveal why the seemingly complex “PE#5GZ29PTZMSE” isn’t as secure as you think, why a passphrase like “Stop Hammer Time!” wins, and how to check if your own credentials have already been exposed in breaches. Plus, we explore the next critical step in cybersecurity: enabling multi-factor authentication (MFA).

Never in all my life did I imagine I had that headline in me, and yet, here we are. With that acknowledgement aside, let’s get straight into it. Slopsquatting.

Nothing throws your day off like a frozen screen or a sluggish computer. If you run a small business, you’ve probably dealt with outdated tech more than once. Sure, squeezing extra life out of old equipment feels economical, but it often costs more in the long run.

So, in recent times we’ve seen airline Qantas falling victim to a cyberattack which hit a third-party contact centre platform potentially exposing personal details of up to 6 million customers. On the NZ side of the ditch, New World took an arrow to the knee with a password spraying attack.

The landscape of remote work has transformed dramatically over the past several years. What began as a reactive shift to keep operations going during a major global disruption has now solidified into a permanent mode of working for many organisations, especially small businesses.

On Friday, 30th June 2025, Qantas confirmed a cyber incident affecting one of its offshore third-party contact centres. Approximately six million customer records were accessed, exposing personal information including names, contact details (email and phone number), Date of Birth and frequent flyer numbers. No financial or authentication credentials (such as passwords or card data) were determined to be accessed at this time.

What would happen if your business lost all its data tomorrow? Would you be able to recover, or would it grind your operations to a halt? Every small business runs on data, which includes customer information, financial records, communications, product files, and more. Yet data security often falls to the bottom of the to-do list.

Those who’ve tracked my ramblings over the years will note a measure of (shock, horror) cynicism in the FUD seemingly churned out as a byproduct of the infosec industry. And here we are again;

Over the past few years, we’ve become experts in digital efficiency. We join calls from home offices, cars, cafes. We screen-share, voice-chat, and message in real-time. Work, it seems, has never been more connected.But in a business context the more digitally connected we become, the greater the potential for human disconnection.

From the wonderfully complex defining most of infosec, we swiftly move to the wonderfully simple. Better a safeword, than a sorry one.

The cybersecurity industry is more crowded than ever- especially in managed services. endless vendors, countless products, and new buzzwords appearing faster than you can say “zero trust.” Businesses are left facing so many options that choosing the right one becomes nearly impossible.

Personal data protection is more important than ever in this digital world. The dark web is a secret part of the internet that is very dangerous because it is often used for illegal things like selling personal information.