The information related to more than million Facebook users and included phone numbers, account names, and Facebook IDs. However, two years later April the data was posted for free, indicating new and real criminal intent surrounding the data.
In fact, given the sheer number of phone numbers impacted and readily available on the dark web as a result of the incident, security researcher Troy Hunt added functionality to his HaveIBeenPwned HIBP breached credential checking site that would allow users to verify if their phone numbers had been included in the exposed dataset.
The Facebook data changed all that. Hotel Marriot International announced the exposure of sensitive details belonging to half a million Starwood guests following an attack on its systems in September Marriott quickly engaged leading security experts to help determine what occurred.
Marriott learned during the investigation that there had been unauthorized access to the Starwood network since For some, the information also included payment card numbers and expiration dates, though these were apparently encrypted. Marriot carried out an investigation assisted by security experts following the breach and announced plans to phase out Starwood systems and accelerate security enhancements to its network. An article by New York Times attributed the attack to a Chinese intelligence group seeking to gather data on US citizens.
Making its second appearance in this list is Yahoo, which suffered an attack in separate to the one in cited above. On this occasion, state-sponsored actors stole data from million accounts including names, email addresses, phone numbers, hashed passwords, and dates of birth. Given the sensitive nature of the services offered by the company — which include casual hookup and adult content websites like Adult Friend Finder, Penthouse.
Though it had long stopped being the powerhouse that it once was, social media site MySpace hit the headlines in after million user accounts were leaked onto both LeakedSource. In order to protect our users, we have invalidated all user passwords for the affected accounts created prior to June 11, , on the old Myspace platform.
These users returning to Myspace will be prompted to authenticate their account and to reset their password by following instructions. Passwords Hacking attacks may well be the most common cause of a data breach but it is often a weak or lost password that is the vulnerability that is being exploited by the opportunist hacker. Simple Solution: Use complex passwords and never share passwords. Back Doors, Application Vulnerabilities Why bother breaking the door down when the door is already open?
Simple Solution: Keep all software and hardware solutions fully patched and up to date. Malware The use of both direct and in-direct Malware is on the rise. Social Engineering As a hacker, why go to the hassle of creating your own access point to exploit when you can persuade others with a more legitimate claim to the much sought after data, to create it for you?
Too Many Permissions Overly complex access permissions are a gift to a hacker. In such cases, it is best to take note of the following practices.
Like it? Add this infographic to your site: 1. Click on the box below. Posted in Cyber Attacks , Data Breach. This site uses Akismet to reduce spam. Learn how your comment data is processed.
We took at look at each of those in this blog and see which one comes out on top. Designed and delivered by cyber security experts, this one-day course is ideal for those who want comprehensive overview of the steps they should be taking to protect themselves and their organisation from a range of threats, including: Malware; Phishing; Password security; Mobile device security; Social media threats; and The risks involved in remote working.
A version of this blog was originally published on 12 March Related Posts. One Response.
0コメント