Data breaches and Personal Security - Cyber Security Informer

The Data Breach "Personal Stash" Ecosystem

Troy Hunt

JANUARY 29, 2024

That's the analogy I often use to describe the data breach "personal stash" ecosystem, but with one key difference: if you trade a baseball card then you no longer have the original card, but if you trade a data breach which is merely a digital file, it replicates.

Data breaches

Data breaches Passwords Advertising Personal Security

Mother of all Breaches may contain NEW breach data

Malwarebytes

JANUARY 31, 2024

On January 23, 2024, we reported on the discovery of billions of exposed records online, now commonly referred to as the “ mother of all breaches ” (MOAB). Since then, the source of the dataset has been identified as data breach search engine Leak-Lookup. But it does nothing to enforce that restriction.

Data breaches

Data breaches Identity Theft Passwords Internet

A bug in the Walgreens mobile app leaked customers’ messages

Security Affairs

MARCH 3, 2020

Pharmacy store chain Walgreens has disclosed a data breach that impacted some customers of its mobile application. Pharmacy store chain Walgreens has disclosed a data breach that impacted some customers of its mobile application. ” reads the data breach notification letter sent to the users.

Mobile

Mobile Data breaches Advertising Banking

Black Friday and Cyber Weekend: Navigating the Tumultuous Waters of Retail Cybersecurity

Thales Cloud Protection & Licensing

NOVEMBER 20, 2023

Data breaches in the retail sector illustrate the vulnerabilities inherent to this industry, emphasizing the need for robust cybersecurity measures. This finding not only underscores the vulnerability of the retail sector but also accentuates the financial repercussions of such breaches. Governments: Look to global benchmarks.

Retail

Retail Cybersecurity Financial Services Mobile

Top of Mind Security Insights from In-Person Interactions

Cisco Security

JUNE 30, 2022

Insider cyber-attacks are among the fastest growing threats in the modern security network, an increasingly common cause of data breaches. Using their authorized access, employees are intentionally or inadvertently causing harm by stealing, exposing, or destroying sensitive company data. Everyone is an insider .

Digital transformation

Digital transformation Data privacy Identity Theft Data breaches

The 773 Million Record "Collection #1" Data Breach

Troy Hunt

JANUARY 16, 2019

Many people will land on this page after learning that their email address has appeared in a data breach I've called "Collection #1". It's made up of many different individual data breaches from literally thousands of different sources. Collection #1 is a set of email addresses and passwords totalling 2,692,818,238 rows.

Data breaches

Data breaches Passwords Password Management Accountability

When Accounts are "Hacked" Due to Poor Passwords, Victims Must Share the Blame

Troy Hunt

NOVEMBER 7, 2018

The first one was about HSBC disclosing a "security incident" which, upon closer inspection, boiled down to this: The security incident that HSBC described in its letter seems to fit the characteristics of brute-force password-guessing attempts, also known as a credentials stuffing attack.

Passwords

Passwords Accountability Hacking Education

No, Spotify Wasn't Hacked

Troy Hunt

JANUARY 8, 2019

Regular readers will appreciate the mechanics of this already but all those who I point here for whom this is new, this attack simply takes exposed credentials from a data breach and tries them on another site. The attack is simple but effective due to the prevalence of password reuse.

Hacking

Hacking Passwords Accountability Data breaches

Cybercriminals’ friend VPNLab.net shut down by law enforcement

Malwarebytes

JANUARY 19, 2022

According to its own website before it was taken down, VPNLab said it was a service providing your security on the Internet by using encryption of original traffic. “Our service is designed for a broad spectrum of clients who care about their personal security.

VPN

VPN Encryption Cybercrime Technology

National Cybersecurity Awareness Month – What it Really Means for WordPress Users

SiteLock

AUGUST 27, 2021

Creating a culture of security within your large, medium, and small business is critical to avoiding data breaches. From the Break Room to the Boardroom: Creating a Culture of Cybersecurity in the Workplace. Week 3 – Oct. Recognizing and Combating Cybercrime. WordPress starts with people.

Cybersecurity

Cybersecurity Small Business Cybercrime Internet

Chart a course to the passwordless future on World Password Day

SC Magazine

MAY 6, 2021

The Identity Theft Resource Center (ITRC) found that a whopping 51 million people had their data compromised in Q1 2021. This statistic and other important findings from the ITRC’s Q1 2021 Data Breach Report point to the continued focus on credential theft among cybercriminals.

Passwords

Passwords Authentication Identity Theft Risk

GUEST ESSAY: Until we eliminate passwords, follow these 4 sure steps to password hygiene

The Last Watchdog

NOVEMBER 22, 2021

With so much critical data now stored in the cloud, how can people protect their accounts? Until biometrics or a quantum solution change our everyday approach to encryption, passwords remain our first line of defense against data breaches, hackers, and thieves. Related: Training human sensors.

Passwords

Passwords Password Management Accountability Data breaches

Integrating Perimeter and Internal Defenses: 5 Facts That May or May Not Surprise

Cisco Security

JANUARY 6, 2022

” According to the CISOs we spoke with, “if you’re limited on funds and don’t have a 20-person security team, you have to do a lot quickly…being able to get these overlapping protections…and they’re talking to each other really shines.” However, integration has to mean more than simple co-existence.

Digital transformation

Digital transformation CISO Firewall IoT

The 42M Record kayo.moe Credential Stuffing Data

Troy Hunt

SEPTEMBER 13, 2018

The operator of the service (Kayo) reached out to me earlier this week and advised they'd noticed a collection of files uploaded to the site which appeared to contain personal data from a breach. Concerned that the data may indicate a previously unknown breach, Kayo then sent me over a total of 755 files totaling 1.8GB.

Passwords

Passwords Password Management Data breaches Accountability

12 Top Vulnerability Management Tools for 2023

eSecurity Planet

JANUARY 9, 2023

Holm Security VMP is preferred by SMBs thanks to its value and features like phishing awareness, but its broad capabilities also find application in large-scale organizations, governmental facilities, personal security, and educational facilities. Key Differentiators. How to Choose a Vulnerability Management System.

Risk

Risk Penetration Testing Small Business Software

Cyber Security Informer

The Data Breach "Personal Stash" Ecosystem

Mother of all Breaches may contain NEW breach data

Trending Sources

A bug in the Walgreens mobile app leaked customers’ messages

Black Friday and Cyber Weekend: Navigating the Tumultuous Waters of Retail Cybersecurity

Top of Mind Security Insights from In-Person Interactions

The 773 Million Record "Collection #1" Data Breach

When Accounts are "Hacked" Due to Poor Passwords, Victims Must Share the Blame

No, Spotify Wasn't Hacked

Cybercriminals’ friend VPNLab.net shut down by law enforcement

National Cybersecurity Awareness Month – What it Really Means for WordPress Users

Chart a course to the passwordless future on World Password Day

GUEST ESSAY: Until we eliminate passwords, follow these 4 sure steps to password hygiene

Integrating Perimeter and Internal Defenses: 5 Facts That May or May Not Surprise

The 42M Record kayo.moe Credential Stuffing Data

12 Top Vulnerability Management Tools for 2023

Stay Connected