Troy Hunt

SEPTEMBER 3, 2020

You've possibly just found out you're in a data breach. The organisation involved may have contacted you and advised your password was exposed but fortunately, they encrypted it. Isn't the whole point of encryption that it protects data when exposed to unintended parties? But you should change it anyway.

Passwords 363

Passwords Encryption Data breaches Risk 363

Krebs on Security

JANUARY 11, 2021

Ubiquiti , a major vendor of cloud-enabled Internet of Things (IoT) devices such as routers, network video recorders, security cameras and access control systems, is urging customers to change their passwords and enable multi-factor authentication. The data may also include your address and phone number if you have provided that to us.”

Passwords 362

Passwords Authentication Firmware Accountability 362

Security Affairs

JANUARY 15, 2025

A previously unknown threat actor released config files and VPN passwords for Fortinet FortiGate devices on a popular cybercrime forum. A previously unknown threat actor named Belsen Group published configuration files and VPN passwords for over 15,000 Fortinet FortiGate appliances. “The data includes: IPs.

VPN 130

VPN Passwords Firewall Firmware 130

Troy Hunt

FEBRUARY 26, 2018

tl;dr - a collection of nearly 3k alleged data breaches has appeared with a bunch of data already proven legitimate from previous incidents, but also tens of millions of addresses that haven't been seen in HIBP before. It's also interesting because among nearly 3k other breaches, the data contains Dropbox.

Data breaches 245

Data breaches Passwords Accountability Password Management 245

Krebs on Security

DECEMBER 19, 2024

Cyber threat analysts at Silent Push said they recently received reports from a partner organization that identified an aggressive scanning effort against their website using an Internet address previously associated with a campaign by FIN7 , a notorious Russia-based hacking group.

Hacking 232

Hacking Cybercrime Advertising Data breaches 232

Security Affairs

OCTOBER 28, 2024

French internet service provider (ISP) Free disclosed a cyber attack, threat actors allegedly had access to customer personal information. that provides voice, video, data, and Internet telecommunications to consumers in France. The seller also published a sample of the stolen data and some screenshots. Free S.A.S.

Cyber Attacks 126

Cyber Attacks Telecommunications Data breaches Banking 126

Krebs on Security

MAY 7, 2022

Apple , Google and Microsoft announced this week they will soon support an approach to authentication that avoids passwords altogether, and instead requires users to merely unlock their smartphones to sign in to websites or online services. “I worry about forgotten password recovery for cloud accounts.” Image: Blog.google.

Passwords 270

Passwords Authentication Accountability Mobile 270

Troy Hunt

FEBRUARY 25, 2025

We've also added 244M passwords we've never seen before to Pwned Passwords and updated the counts against another 199M that were already in there. This is just one of many channels involved in cybercrime, but it's noteworthy due to the huge amount of freely accessible data.

Passwords 346

Passwords Accountability VPN Malware 346

The Last Watchdog

NOVEMBER 22, 2021

More Americans than ever are working remotely and seeking out entertainment online, and this increase of internet activity has fueled a dramatic spike in cybercrime. With so much critical data now stored in the cloud, how can people protect their accounts? Proper password hygiene doesn’t require a degree in rocket science.

Passwords 244

Passwords Password Management Accountability Data breaches 244

Tech Republic Security

OCTOBER 11, 2024

The Internet Archive, a non-profit digital library best known for its Wayback Machine, has disclosed a major data breach affecting over 31 million users.

Internet 183

Internet Internet Accountability Data breaches 183

Troy Hunt

NOVEMBER 5, 2018

Often it's related to data breaches or sloppy behaviour on behalf of some online service playing fast and loose with HTTPS or passwords or some other easily observable security posture. It's totally going to kill passwords! I know, massive shock right?

Passwords 239

Passwords Authentication Data breaches Accountability 239

Krebs on Security

JULY 29, 2021

Every time there is another data breach, we are asked to change our password at the breached entity. Here’s a closer look at what typically transpires in the weeks or months before an organization notifies its users about a breached database.

Passwords 363

Passwords Password Management Phishing Scams 363

Troy Hunt

NOVEMBER 7, 2018

It's just another day on the internet when the news is full of headlines about accounts being hacked. This is when hackers try usernames and password combos leaked in data breaches at other companies, hoping that some users might have reused usernames and passwords across services.

Passwords 252

Passwords Accountability Hacking Education 252

Troy Hunt

NOVEMBER 21, 2017

But it's exactly what it sounds like and on Thursday next week, I'll be up in front of US congress on the other side of the world testifying about the impact of data breaches. For a bit more context, I've been chatting with folks from the House Energy and Commerce Committee for a while now about the mechanics of data breaches.

Data breaches 232

Data breaches InfoSec Backups IoT 232

Malwarebytes

MARCH 26, 2025

Internet security expert and educator Troy Hunt disclosed this week that he had been hit by one of the oldestand most provenscams in the online world: A phishing attack. Hunt also noticed that, when he tried to log into his Mailchimp account by following the phishing emails link, his password manager did not auto-fill his account details.

Phishing 114

Phishing Data breaches Password Management Scams 114

The Last Watchdog

AUGUST 19, 2021

The configuration issue made this access point publicly available on the Internet. T-Mobile is offering two free years of identity protection for affected customers, but ultimately this is pushing the responsibility for the safety of the data onto the user. For T-Mobile, this is the sixth major breach since 2018.

Mobile 235

Mobile Data breaches Authentication Accountability 235

Hot for Security

APRIL 28, 2021

The online musical instrument marketplace Reverb has suffered a data breach which has exposed the personal details of 5.6 According to Diachenko, the exposed data included information about high profile rock musicians such as Bill Ward of Black Sabbath, Jimmy Chamberlin of the Smashing Pumpkins, Alessandro Cortini of Nine Inch Nails.

Data breaches 139

Data breaches Passwords Internet Internet 139

Security Affairs

JULY 8, 2024

Threat actors leaked the largest password compilation ever, known as RockYou2024, on a popular hacking forum. The Cybernews researchers reported that threat actors leaked the largest password compilation ever, known as RockYou2024, on a popular hacking forum. billion passwords from various internet data leaks.

Passwords 131

Passwords Data breaches Hacking Accountability 131

Hot for Security

JUNE 8, 2021

The most extensive data leak collection to date, dubbed ‘RockYou2021’, was dumped on popular hacking forums earlier this month. billion password entries, presumably obtained from previous data leaks and breaches. Cybercriminals can use the database to conduct password-spraying or brute force attacks.

Passwords 145

Passwords Accountability Password Management Internet 145

Security Affairs

JANUARY 3, 2021

Data from major cyber security firms revealed that tens of billion records have been exposed in data breaches exposed in 2020. Below the list of top data breaches that took place in the last 12 months: May 2020 – CAM4 adult cam site leaked 11B database records including emails, private chats.

Data breaches 145

Data breaches Cybercrime Hacking Passwords 145

Adam Levin

MARCH 23, 2020

Secure Your Router: If you’re still using your router’s manufacturer default password, it’s past time for a change. Your password should be include letters, numbers and special characters in a combination you haven’t used on other accounts. Update Account Passwords: Don’t reuse passwords from other accounts.

Manufacturing 245

Manufacturing Passwords Phishing Accountability 245

Adam Levin

JULY 10, 2020

2020 is on the path to becoming a record-breaking year for data breaches and compromised personal data. While the number of publicly reported breaches in Q1 2020 decreased by 58% compared to 2019, the coronavirus pandemic gave cybercriminals new ways to thrive,” wrote Bitdefender researcher and blogger Alina Bizga.

Data breaches 252

Data breaches Social Engineering Antivirus Scams 252

Krebs on Security

NOVEMBER 14, 2024

A week after breaking the story about the 2013 data breach at Target, KrebsOnSecurity published Who’s Selling Cards from Target? . “I’m also godfather of his second son.” ” Dmitri Golubov, circa 2005. Image: U.S. Postal Investigative Service. “Hi, how are you?” ” he inquired.

Retail 258

Retail Advertising Cryptocurrency Marketing 258

SecureWorld News

MARCH 24, 2022

Now, headlines about ransomware, cyberattacks, and data breaches pour into social media feeds as steady as a river flows. SecureWorld News takes a look at some of the largest data breaches to ever occur. Top 10 most significant data breaches. Yahoo data breach (2013). Who attacked: no attacker.

Data breaches 129

Data breaches Passwords Accountability Government 129

The Last Watchdog

JUNE 9, 2021

Massive data base breaches today generally follow a distinctive pattern: hack into a client -facing application; manipulate an API; follow the data flow to gain access to an overly permissive database or S3 bucket (cloud storage). A classic example of this type of intrusion is the Capital One data breach.

Data breaches 203

Data breaches Software Hacking Mobile 203

CyberSecurity Insiders

AUGUST 12, 2021

The Korean based company that is into the business of perfume and clothes selling said that the data leak took place on August 8th, 2021 and was because of a cyber attack on a cloud based data storage firm. The post Data Breach on French Luxury brand Chanel appeared first on Cybersecurity Insiders.

Data breaches 145

Data breaches Social Engineering Retail Cyber Attacks 145

CyberSecurity Insiders

DECEMBER 26, 2022

Now, reports are in that the database of the Pennsylvania based digital services provider was hit by a cyber attack leading to a data breach, thus leaking details to hackers. And when they tried to access the account, their attempts failed as their passwords were changed.

Data breaches 133

Data breaches Accountability Internet Internet 133

Malwarebytes

JUNE 3, 2022

Welcome to Internet Safety Month, a once-a-year event in which you, the public, are told that anywhere between three and 30 different best practices will simplify your approach to staying safe online. This year, then, for Internet Safety Month, we’re packaging our advice a little differently. Do use strong passwords.

Internet 131

Internet Internet Scams Passwords 131

Troy Hunt

DECEMBER 3, 2023

” Anyone can type in an email address into the site to check if their personal data has been compromised in a security breach. Inevitably, "because data breaches", and it's nuts just how much exposure this project has had because of them. 🤣", the internet quipped.

Data breaches 363

Data breaches Passwords Internet Internet 363

Malwarebytes

FEBRUARY 14, 2025

Over the years Zacks has suffered a few data breaches. In 2023, data allegedly belonging to Zacks containing 8,615,098 records was leaked online. The most recent data in this database is from May 2020. This breach is also being publicly shared on the internet. Change your password.

Accountability 79

Accountability Data breaches Passwords Phishing 79

Graham Cluley

MARCH 15, 2022

Last month, the LAPSUS$ hacking group stole up to one terabyte of internal data, including hashed passwords, from graphics card maker NVIDIA.

Passwords 141

Passwords Internet Internet Hacking 141

The Last Watchdog

OCTOBER 24, 2022

Employee security awareness is the most important defense against data breaches. It involves regularly changing passwords and inventorying sensitive data. There are several ways you can protect your business from data breaches. Change passwords regularly. Inventory your sensitive data.

Passwords 214

Passwords Security Awareness Data breaches Cybersecurity 214

Krebs on Security

SEPTEMBER 5, 2023

In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. As it happens, Plex announced its own data breach one day before LastPass disclosed its initial August intrusion.

Cryptocurrency 362

Cryptocurrency Passwords Encryption Accountability 362

Webroot

MAY 3, 2022

Passwords have become a common way to access and manage our digital lives. Having a password allows you to securely access your information, pay bills or connect with friends and family on various platforms. However, having a password alone is not enough. Your passwords also need to be managed and protected.

Passwords 131

Passwords Identity Theft Password Management Antivirus 131

Webroot

MAY 31, 2024

What is Internet Safety Month? Each June, the online safety community observes Internet Safety Month as a time to reflect on our digital habits and ensure we’re taking the best precautions to stay safe online. 2 64% of Americans have experienced a data breach. 3 95% of cybersecurity breaches are due to human error.

Internet 123

Internet Internet Identity Theft Passwords 123

Krebs on Security

MARCH 15, 2021

com , a wildly popular service that sold access to more than 12 billion usernames and passwords stolen from thousands of hacked websites. In an ironic turn of events, a lapsed domain registration tied to WeLeakInfo let someone plunder and publish account data on 24,000 customers who paid to access the service with a credit card.

Passwords 346

Passwords Accountability Hacking Data breaches 346

Troy Hunt

DECEMBER 15, 2021

The machine had full disk encryption and it's not known whether the thief was ever actually able to access the data. Is this a data breach? the Red Cross wasn't hacked either and that was clearly a data breach. It's not clear if the car was locked or not. They want answers.

Data breaches 339

Data breaches Hacking Passwords Accountability 339