It wasn’t so long ago that news of a list of 16bn username and password combinations discovered floating around online would have stirred up a massive international response. Today, news cycles have moved on and there’s an increasing cynicism around data breaches. Nothing changes as a result of the headlines – which themselves are often misleading. The 16bn passwords found in June wasn’t a new data breach, but, rather, a consolidation of previous leaks and thefts.

As someone who has spent the best part of 30 years trying to teach the basics of data security (use unique passwords, use a password manager), it’s disheartening to see how little things have changed for end-users. And yet it’s always the end-users who carry the blame for cybersecurity breaches that happen many layers of abstraction away from their control.