Krebs on Security

JANUARY 17, 2019

My inbox and Twitter messages positively lit up today with people forwarding stories from Wired and other publications about a supposedly new trove of nearly 773 million unique email addresses and 21 million unique passwords that were posted to a hacking forum. As we can see above, Collection #1 offered by this seller is indeed 87GB in size.

Passwords 55

Passwords Accountability Hacking Password Management 55

Troy Hunt

FEBRUARY 21, 2018

Last August, I launched a little feature within Have I Been Pwned (HIBP) I called Pwned Passwords. This was a list of 320 million passwords from a range of different data breaches which organisations could use to better protect their own systems. Here's what it's all about: There's Now 501,636,842 Pwned Passwords.

Passwords 279

Passwords Data breaches Mobile Risk 279

Troy Hunt

JULY 8, 2019

Almost 2 years ago to the day, I wrote about Passwords Evolved: Authentication Guidance for the Modern Era. Shortly after that blog post I launched Pwned Passwords with 306M passwords from previous breach corpuses. 3,768,890 passwords. 3,768,890 passwords.

Passwords 245

Passwords Accountability Authentication Data breaches 245

Troy Hunt

NOVEMBER 7, 2018

The first one was about HSBC disclosing a "security incident" which, upon closer inspection, boiled down to this: The security incident that HSBC described in its letter seems to fit the characteristics of brute-force password-guessing attempts, also known as a credentials stuffing attack. link] — Troy Hunt (@troyhunt) November 6, 2018.

Passwords 249

Passwords Accountability Hacking Education 249

Krebs on Security

JULY 12, 2024

disclosed today that a new data breach has exposed phone call and text message records for roughly 110 million people — nearly all of its customers. AT&T also acknowledged the customer records were exposed in a cloud database that was protected only by a username and password (no multi-factor authentication needed).

Data breaches 347

Data breaches Passwords Authentication Accountability 347

Security Affairs

NOVEMBER 29, 2018

Dell data breach – IT giant Dell disclosed a data breach, the company confirmed it has detected an intrusion in its systems on November 9th 2018. Attackers were trying to exfiltrate customer data (i.e. Securi ty Affairs – Dell data breach, hacking). Pierluigi Paganini.

Data breaches 110

Data breaches Passwords Advertising Accountability 110

Schneier on Security

APRIL 2, 2020

Marriott announced another data breach, this one affecting 5.2 account number and points balance, but not passwords) Additional Personal Details (e.g., Marriott announced another data breach, this one affecting 5.2 account number and points balance, but not passwords) Additional Personal Details (e.g.,

Hacking 273

Hacking Accountability Data breaches Government 273

Adam Levin

NOVEMBER 27, 2018

Amazon was hit with a data breach just days before Black Friday and Cyber Monday, the biggest shopping time of the year. The major data breach exposed names and email addresses of customers due to a technical error on their website. The issue has been fixed. The impacted customers have been contacted.”.

Data breaches 146

Data breaches Passwords Accountability Hacking 146

Security Affairs

MARCH 31, 2020

Marriott disclosed a new security breach detected at the end of February 2020 that could impact up to 5.2 Marriott International discloses a data breach that exposed the personal information of roughly 5.2 ” reads the data breach notification published by the company. million of its guests.

Data breaches 144

Data breaches Passwords Advertising Accountability 144

SecureWorld News

MARCH 24, 2022

Now, headlines about ransomware, cyberattacks, and data breaches pour into social media feeds as steady as a river flows. SecureWorld News takes a look at some of the largest data breaches to ever occur. Top 10 most significant data breaches. Yahoo data breach (2013). Who attacked: no attacker.

Data breaches 128

Data breaches Passwords Accountability Government 128

Troy Hunt

JANUARY 14, 2018

I don't know how many data breaches I'm sitting on that I'm yet to process. The data was sent to me and after inspecting it, I found identified 84k email addresses in the breach. I was recently sent a data breach alleged to have come from theflyonthewall.com and upon verifying it, I believe it's legitimate.

Data breaches 177

Data breaches Passwords Accountability Media 177

Adam Levin

AUGUST 31, 2018

Air Canada is advising customers to reset their passwords on their mobile application after detecting a potential data breach of customer records. In a notice, Air Canada says that a data breach it discovered last week impacted 20,000 profiles. million users to reset their passwords. “We 22-24, 2018. “We

Data breaches 106

Data breaches Passwords Mobile Encryption 106

Krebs on Security

SEPTEMBER 5, 2023

In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. As it happens, Plex announced its own data breach one day before LastPass disclosed its initial August intrusion.

Cryptocurrency 361

Cryptocurrency Passwords Encryption Accountability 361

Security Affairs

NOVEMBER 22, 2019

Bad news for T-Mobile prepaid customer, the US-based telecom giant T-Mobile today disclosed a new data breach incident. The US branch of the telecommunications giant T -Mobile disclosed a security breach that according to the company impacted a small number of customers of its prepaid service. Pierluigi Paganini.

Wireless 136

Wireless Data breaches Mobile Telecommunications 136

Security Affairs

NOVEMBER 23, 2019

Chinese smartphone vendor OnePlus has suffered a new data breach, according to a company’s notice hackers accessed customers’ order information. OnePlus disclosed a data breach, an “unauthorized party” accessed some customers’ order information, including names, contact numbers, emails, and shipping addresses.

Data breaches 138

Data breaches Passwords Advertising Accountability 138

The Last Watchdog

AUGUST 19, 2021

Instead of addressing the security gaps that have plagued T-Mobile for years, they are offering their customers temporary identity protection when breaches happen, as if to say, ‘This is the best we can do.’. For T-Mobile, this is the sixth major breach since 2018. Joshua Arsenio, Director, Security Compass Advisory.

Mobile 235

Mobile Data breaches Authentication Accountability 235

Krebs on Security

FEBRUARY 19, 2020

Networking software giant Citrix Systems says malicious hackers were inside its networks for five months between 2018 and 2019, making off with personal and financial data on company employees, contractors, interns, job candidates and their dependents. 13, 2018 and Mar. But in a letter sent to affected individuals dated Feb.

VPN 363

VPN Passwords Software Telecommunications 363

Troy Hunt

MARCH 29, 2018

The penny first dropped for me just over 7 years ago to the day: The only secure password is the one you can't remember. In an era well before the birth of Have I Been Pwned (HIBP), I was doing a bunch of password analysis on data breaches and wouldn't you know it - people are terrible at creating passwords!

Password Management 273

Password Management Passwords Data breaches Retail 273

Security Affairs

NOVEMBER 23, 2018

Software company OSIsoft has suffered a data breach, the firm confirmed that all domain accounts have likely been compromised. Software company OSIsoft notified security breach to employees, interns, consultants, and contractors. ” reads the data breach notification. Below the data provided by the company.

Data breaches 107

Data breaches Software Passwords Advertising 107

Security Affairs

DECEMBER 30, 2020

T-Mobile has disclosed a data breach that exposed customers’ network information (CPNI), including phone numbers and calls records. T-Mobile has disclosed a data breach exposing customers’ account’s information. ” reads the statement published by the company. Pierluigi Paganini.

Data breaches 145

Data breaches Mobile Telecommunications Accountability 145

CyberSecurity Insiders

DECEMBER 26, 2022

Now, reports are in that the database of the Pennsylvania based digital services provider was hit by a cyber attack leading to a data breach, thus leaking details to hackers. And when they tried to access the account, their attempts failed as their passwords were changed.

Data breaches 133

Data breaches Accountability Internet Internet 133

Troy Hunt

NOVEMBER 19, 2020

txt" had a small number of email address and password hex pairs. This same pattern appeared over and over again across the other archives and it gives us a pretty good idea of what the data was intended for: credential stuffing. A substantial number, although not even in the top 10 largest breaches already in HIBP.

Passwords 364

Passwords Password Management Accountability Risk 364

CyberSecurity Insiders

AUGUST 17, 2021

Pearson, a London based e-textbook publishing firm that supplies software to Schools and Universities has been slapped with a fine of $1 million for misleading investors about a 2018 data breach that witnessed siphoning of millions of student records by hackers.

Data breaches 120

Data breaches Education Cyber Risk Cyber Attacks 120

Troy Hunt

JUNE 25, 2018

Pretty much every day, I get a reminder from someone about how little people know about their exposure in data breaches. Frequently, it's some long-forgotten site they haven't even thought about in years and also frequently, the first people know of these incidents is via HIBP: large @ticketfly data breach.

Passwords 278

Passwords Data breaches Password Management Accountability 278

Security Affairs

JUNE 10, 2019

Retro video game website Emuparadise revealed to have suffered a data breach that exposed 1.1 Million accounts back in April 2018. The security breach occurred in April 2018 and exposed account information for approximately 1.1 million Emuparadise forum members. million Emuparadise forum members.

Data breaches 100

Data breaches Advertising Cybercrime Passwords 100

Krebs on Security

FEBRUARY 13, 2025

Launched in 2018 under the name Firefox Monitor , Mozilla Monitor also checks data from the website Have I Been Pwned? to let users know when their email addresses or password are leaked in data breaches. Mozilla offers Onerep to Firefox users on a subscription basis as part of Mozilla Monitor Plus.

Data breaches 186

Data breaches Marketing Passwords Risk 186

Security Affairs

SEPTEMBER 25, 2018

Another fashion retailer suffered a data breach, the victim is SHEIN that announces the security breach affected 6.42 The retailer hired a forensic cybersecurity firm as well as an international law firm to investigate the security breach. ” reads the data breach notification. million customers.

Data breaches 104

Data breaches Retail Advertising Passwords 104

Security Affairs

MAY 17, 2019

The popular question-and-answer platform for programmers Stack Overflow announced on Thursday that is has suffered a data breach. The news of a data breach makes the headlines, this time the victim is the popular question-and-answer platform for programmers Stack Overflow. SecurityAffairs – data breach, hacking).

Data breaches 107

Data breaches Advertising Engineering Passwords 107

Adam Levin

APRIL 6, 2020

Marriott International announced a data breach that may have exposed the information of 5.2 This is the second major data breach that Marriott has experienced in recent years; in 2018, the company announced that the information of 327 million customers of subsidiary Starwoodhad been compromised in a similar incident. .

Data breaches 187

Data breaches Financial Services Passwords Accountability 187

Security Affairs

JANUARY 30, 2023

Sports fashion retail JD Sports discloses a data breach that explosed data of about 10M customers who placed orders between 2018 and 2020. UK sports fashion chain JD Sports disclosed a data breach that exposed customer data from orders placed between November 2018 and October 2020.

Data breaches 98

Data breaches Retail Passwords Scams 98

Security Affairs

SEPTEMBER 27, 2019

DoorDash is a San Francisco–based on-demand food delivery service, the company confirmed it has suffered a data breach that exposed roughly 5 million users. DoorDash announced a data breach that exposed the personal information of 4.9 Users who joined after April 5, 2018 are not affected. “Approximately 4.9

Data breaches 99

Data breaches Passwords Advertising Banking 99

CyberSecurity Insiders

OCTOBER 13, 2021

Problems arise for businesses when they base their access management programs entirely around passwords, however. Such programs overlook the burden that passwords can cause to users as well as to IT and security teams. Passwords: An unsustainable business cost. Users have too many passwords to remember on their own.

Passwords 141

Passwords Accountability Data breaches Authentication 141

Identity IQ

JANUARY 19, 2021

With all that transpired over the last few months, and even with the SolarWinds cyberattack making headlines , it might be easy to forget that data breaches and hacks continue to expose the personal information of millions. This leaves victims of the data breaches vulnerable to identity theft. million guests were exposed.

Data breaches 105

Data breaches Identity Theft Small Business Passwords 105

SecureWorld News

DECEMBER 29, 2020

Now headlines about ransomware, cyberattacks and data breaches pour into social media feeds at a steady drumbeat. SecureWorld now takes a look at some of the largest data breaches to ever occur. Top 10 most significant data breaches. Yahoo data breach (2013). Equifax data breach (2017).

Data breaches 98

Data breaches Passwords Accountability Government 98

Security Affairs

APRIL 21, 2023

The American Bar Association (ABA) disclosed a data breach, threat actors gained access to older credentials for 1,466,000 members. The attackers may have gained access to the members’ credentials for a legacy member system that was decommissioned in 2018. The ABA has 166,000 members as of 2022.

Data breaches 98

Data breaches Passwords Education Accountability 98

Security Affairs

MAY 29, 2019

The news and social media aggregator Flipboard disclosed on Tuesday that it suffered a breach, unauthorized users had access to some databases storing user information. Hackers had access to the company systems between June 2, 2018, and March 23, 2019, and again on April 21-22, 2019. SecurityAffairs – hacking , data breach).

Data breaches 97

Data breaches Accountability Passwords Advertising 97

Troy Hunt

DECEMBER 3, 2023

” Anyone can type in an email address into the site to check if their personal data has been compromised in a security breach. Inevitably, "because data breaches", and it's nuts just how much exposure this project has had because of them. Passwords This was never on the cards originally.

Data breaches 363

Data breaches Passwords Internet Internet 363