Malwarebytes

FEBRUARY 25, 2025

Employment screening company DISA Global Solutions has filed a data breach notification after a cyber incident on their network. Protecting yourself after a data breach There are some actions you can take if you are, or suspect you may have been, the victim of a data breach. Change your password.

Data breaches 98

Data breaches Passwords Phishing Password Management 98

Troy Hunt

MARCH 10, 2021

Pwned Passwords is a repository of 613M passwords exposed in previous data breaches, which makes them very poor choices for future use. They're totally free and they have a really cool anonymity API that ensures no useful information about the password being searched for is ever exposed.

Passwords 349

Passwords IoT Password Management Data breaches 349

Troy Hunt

JANUARY 16, 2019

Many people will land on this page after learning that their email address has appeared in a data breach I've called "Collection #1". Collection #1 is a set of email addresses and passwords totalling 2,692,818,238 rows. It's made up of many different individual data breaches from literally thousands of different sources.

Data breaches 280

Data breaches Passwords Password Management Accountability 280

SecureWorld News

FEBRUARY 6, 2025

Grubhub recently confirmed a data breach stemming from a third-party vendor, exposing the ongoing risks associated with supply chain security. Hashed passwords for certain legacy systems (though Grubhub proactively rotated affected credentials).

Data breaches 87

Data breaches Accountability Social Engineering Passwords 87

Troy Hunt

SEPTEMBER 9, 2021

As technology has evolved, fingers (and palms and irises and faces) have increasingly been used as a means of biometric authentication. But doesn't this all make biometrics like passwords? What happens if someone obtains, say, my fingerprint just like they may obtain my password in a data breach or a phishing attack?

Authentication 335

Authentication Passwords Data breaches Risk 335

Security Affairs

OCTOBER 21, 2024

The Internet Archive was breached again, attackers hacked its Zendesk email support platform through stolen GitLab authentication tokens. The Internet Archive was breached via Zendesk, with users receiving warnings about stolen GitLab tokens due to improper token rotation after repeated alerts.

Internet 128

Internet Internet Data breaches Authentication 128

Krebs on Security

MAY 7, 2022

Apple , Google and Microsoft announced this week they will soon support an approach to authentication that avoids passwords altogether, and instead requires users to merely unlock their smartphones to sign in to websites or online services. “I worry about forgotten password recovery for cloud accounts.”

Passwords 269

Passwords Authentication Accountability Mobile 269

Krebs on Security

JANUARY 7, 2025

Lookout researchers discovered multiple voice phishing groups were using a new phishing kit that closely mimicked the single sign-on pages for Okta and other authentication providers. In the first step of the attack, they peppered the target’s Apple device with notifications from Apple by attempting to reset his password.

Phishing 338

Phishing Cryptocurrency Accountability Social Engineering 338

Krebs on Security

JANUARY 17, 2019

My inbox and Twitter messages positively lit up today with people forwarding stories from Wired and other publications about a supposedly new trove of nearly 773 million unique email addresses and 21 million unique passwords that were posted to a hacking forum. Sanixer says Collection #1 was from a mix of sources. .”

Passwords 55

Passwords Accountability Hacking Password Management 55

Krebs on Security

SEPTEMBER 22, 2023

The password manager service LastPass is now forcing some of its users to pick longer master passwords. But critics say the move is little more than a public relations stunt that will do nothing to help countless early adopters whose password vaults were exposed in a 2022 breach at LastPass.

Passwords 319

Passwords Encryption Password Management Cryptocurrency 319

Malwarebytes

FEBRUARY 21, 2025

One of the most impactful data breaches last year was of Change HealthCare, which impacted an estimated 190 million people. In recent news, security researcher Jeremiah Fowler, who specializes in finding unprotected databases, uncovered a non-password-protected database that contained over 1.6 Change your password.

Healthcare 117

Healthcare Data breaches Passwords Phishing 117

Krebs on Security

JUNE 28, 2019

says it will soon force all Cloud Solution Providers (CSPs) that help companies manage their Office365 accounts to use multi-factor authentication. As it happened, the PCM employee was not using multi-factor authentication. Countless data breaches are tied to weak or default settings.

Authentication 264

Authentication Accountability Data breaches Software 264

Troy Hunt

JULY 8, 2019

Almost 2 years ago to the day, I wrote about Passwords Evolved: Authentication Guidance for the Modern Era. This wasn't so much an original work on my behalf as it was a consolidation of advice from the likes of NIST, the NCSC and Microsoft about how we should be doing authentication today. 3,768,890 passwords.

Passwords 234

Passwords Accountability Authentication Data breaches 234

The Last Watchdog

JULY 24, 2023

Accessing vital information to complete day-to-day tasks at our jobs still requires using a password-based system at most companies. Today, bad actors are ruthlessly skilled at cracking passwords – whether through phishing attacks, social engineering, brute force, or buying them on the dark web. Some solutions do this today.

Authentication 245

Authentication Passwords Phishing Social Engineering 245

Hacker's King

DECEMBER 28, 2024

Data breaches and account hacks are a growing concern for users, especially with the personal and professional information shared on the platform. If youre worried about your Instagram account being hacked , it's essential to take proactive steps to protect your data.

Data breaches 52

Data breaches Hacking Passwords Accountability 52

The Last Watchdog

NOVEMBER 22, 2021

Until biometrics or a quantum solution change our everyday approach to encryption, passwords remain our first line of defense against data breaches, hackers, and thieves. Proper password hygiene doesn’t require a degree in rocket science. 1) Create sufficiently-complex passwords. 2) NEVER reuse a password.

Passwords 244

Passwords Password Management Accountability Data breaches 244

Malwarebytes

NOVEMBER 4, 2024

In a data breach notification filed by the Attorney General for the state of Maine, the cybersecurity incident that affected Columbus, Ohio impacted half a million people. Because of the data breach notification from Maine’s Attorney General, that number now has a little more clarity. Change your password.

Data breaches 115

Data breaches Passwords Ransomware Phishing 115

Krebs on Security

JULY 12, 2024

disclosed today that a new data breach has exposed phone call and text message records for roughly 110 million people — nearly all of its customers. AT&T also acknowledged the customer records were exposed in a cloud database that was protected only by a username and password (no multi-factor authentication needed).

Data breaches 347

Data breaches Passwords Authentication Accountability 347

Malwarebytes

JUNE 1, 2024

Live Nation Entertainment has confirmed what everyone has been speculating on for the last week : Ticketmaster has suffered a data breach. For now, Ticketmaster users should keep an eye on their credit and bank accounts for an unauthorized transactions and follow our general data breach tips below. Change your password.

Data breaches 145

Data breaches Passwords Phishing Password Management 145

The Last Watchdog

AUGUST 19, 2021

The attacker claims to have compromised an end-of-lifed GPRS system that was exposed to the internet and was able to pivot from it to the internal network, where they were able to launch a brute force authentication attack against internal systems. Most immediately is the ubiquity of 2-factor authentication.

Mobile 235

Mobile Data breaches Authentication Accountability 235

Krebs on Security

SEPTEMBER 13, 2023

USDoD claimed they grabbed the data by using passwords stolen from a Turkish airline employee who had third-party access to Airbus’ systems. ” The prevalence of RedLine and other info-stealers means that a great many consequential security breaches begin with cybercriminals abusing stolen employee credentials.

Cybercrime 338

Cybercrime Passwords Authentication Malware 338

Krebs on Security

JULY 29, 2021

Every time there is another data breach, we are asked to change our password at the breached entity. Here’s a closer look at what typically transpires in the weeks or months before an organization notifies its users about a breached database.

Passwords 363

Passwords Password Management Phishing Scams 363

Malwarebytes

MARCH 25, 2024

Vans says there’s no evidence suggesting any actual impact on any individual consumer whose personal data were part of the affected data set, but it does warn about phishing and fraud attempts which could lead to identity theft. Change your password. You can make a stolen password useless to thieves by changing it.

Data breaches 134

Data breaches Phishing Identity Theft Passwords 134

Malwarebytes

FEBRUARY 14, 2025

Over the years Zacks has suffered a few data breaches. In 2023, data allegedly belonging to Zacks containing 8,615,098 records was leaked online. The most recent data in this database is from May 2020. This would be the 2nd (hacked back in 2020) major data breach for Zacks. Change your password.

Accountability 84

Accountability Data breaches Passwords Phishing 84

Krebs on Security

JUNE 15, 2024

.” In a SIM-swapping attack, crooks transfer the target’s phone number to a device they control and intercept any text messages or phone calls sent to the victim — including one-time passcodes for authentication, or password reset links sent via SMS.

Hacking 332

Hacking Phishing Cybercrime Passwords 332

Malwarebytes

JULY 19, 2024

The Identity Theft Resource Center (ITRC) tracked 1,041,312,601 data breach victims in Q2 2024, an increase of 1,170% over Q2 2023 (81,958,874 victims). Because both of these breaches were announced/updated in the second quarter of 2024 they have a huge impact on the numbers. Change your password.

Data breaches 127

Data breaches Passwords Identity Theft Phishing 127

Hacker's King

DECEMBER 28, 2024

A compromised password can lead to identity theft and data breaches. To safeguard your Gmail password, you need to adopt a few best practices that will enhance your accounts security and keep cyber threats at bay. Avoid weak and common passwords like password123 or qwerty.

Passwords 52

Passwords Identity Theft Accountability Data breaches 52

Malwarebytes

JANUARY 10, 2025

Protecting yourself after a data breach There are some actions you can take if you are, or suspect you may have been, the victim of a data breach. Every breach is different, so check with the vendor to find out whats happened, and follow any specific advice they offer. Change your password.

Ransomware 97

Ransomware Data breaches Passwords Phishing 97

Malwarebytes

OCTOBER 8, 2024

Money transfer company MoneyGram has notified its customers of a data breach in which it says certain customers had their personal information taken between September 20 and 22, 2024. Protecting yourself after a data breach There are some actions you can take if you are, or suspect you may have been, the victim of a data breach.

Data breaches 123

Data breaches Passwords Identity Theft Phishing 123

Malwarebytes

JUNE 14, 2024

The online handle of the seller immediately raised the suspicion that this was yet another Snowflake related data breach. Post by Sp1d3r on breach forum The post also mentions Suntrust bank because Truist Bank arose after SunTrust Banks and BB&T (Branch Banking and Trust Company) merged in December 2019.

Data breaches 115

Data breaches Banking Passwords Phishing 115

Malwarebytes

AUGUST 27, 2024

The Texas Dow Employees Credit Union (TDECU) has filed a data breach notification , reporting that the data of 500,474 people has been accessed in an external system breach. Protecting yourself after a data breach There are some actions you can take if you are, or suspect you may have been, the victim of a data breach.

Data breaches 119

Data breaches Passwords Phishing Password Management 119

Security Affairs

NOVEMBER 16, 2023

Samsung Electronics disclosed a data breach that exposed customer personal information to an unauthorized individual. Samsung Electronics suffered a data breach that exposed the personal information of some of its customers to an unauthorized individual. ” reads the data breach notification sent to the customers.

Data breaches 139

Data breaches eCommerce Hacking Passwords 139

Malwarebytes

JULY 8, 2024

On a popular hacking form, a user has leaked a file that contains 9,948,575,739 unique plaintext passwords. The list appears to be a compilation of passwords that were obtained during several old and more recent data breaches. To cybercriminals the list has some value because it contains real-world passwords.

Passwords 138

Passwords Authentication Data breaches Accountability 138

The Last Watchdog

JUNE 9, 2021

Massive data base breaches today generally follow a distinctive pattern: hack into a client -facing application; manipulate an API; follow the data flow to gain access to an overly permissive database or S3 bucket (cloud storage). A classic example of this type of intrusion is the Capital One data breach.

Data breaches 203

Data breaches Software Hacking Mobile 203

Malwarebytes

APRIL 2, 2024

Protecting yourself from a data breach There are some actions you can take if you are, or suspect you may have been, the victim of a data breach. Every breach is different, so check with the vendor to find out what’s happened, and follow any specific advice they offer. Change your password.

Data breaches 145

Data breaches Passwords Phishing Accountability 145

The Last Watchdog

NOVEMBER 19, 2023

As the companies face nine federal lawsuits for failing to protect customer data, it’s abundantly clear hackers have checkmated multi-factor authentication (MFA). But the coup de gras was how easily they brushed aside the multi-factor authentication protections. Reduce the amount of time a temporary password can be used.

Social Engineering 310

Social Engineering Passwords Authentication Marketing 310

Malwarebytes

JULY 12, 2024

Protecting yourself after a data breach There are some actions you can take if you are, or suspect you may have been, the victim of a data breach. Every breach is different, so check with the vendor to find out what’s happened, and follow any specific advice they offer. Change your password.

Data breaches 144

Data breaches Passwords Phishing Password Management 144