Security researchers have found dozens of companies inadvertently leaking sensitive corporate and customer data because staff are sharing public links to files in their Box enterprise storage accounts that can be easily discovered. The discoveries were made by Adversis, a cybersecurity firm, which found major tech companies and corporate giants had left data inadvertently exposed. […]
View More Dozens of companies leaked sensitive data thanks to misconfigured Box accountsCategory: data breach
California to close data breach notification loopholes under new law
California, which has some of the strongest data breach notification laws in the U.S., thinks it can do even better. The golden state’s attorney general Xavier Becerra announced a new bill Thursday that aims to close loopholes in its existing data breach notification laws by expanding the requirements for companies to notify users or customers […]
View More California to close data breach notification loopholes under new lawClassPass, Gfycat, StreetEasy hit in latest round of mass site hacks
In just a week, a single seller put close to 750 million records from 24 hacked sites up for sale. Now, the hacker has struck again. The hacker, whose identity isn’t known, began listing user data from several major websites — including MyFitnessPal, 500px and Coffee Meets Bagel, and more recently Houzz and Roll20 — earlier this week. […]
View More ClassPass, Gfycat, StreetEasy hit in latest round of mass site hacksMarriott now lets you check if you’re a victim of the Starwood hack
Hotel chain giant Marriott will now let you check if you’re a victim of the Starwood hack. The company confirmed to TechCrunch that it has put in place “a mechanism to enable guests to look up individual passport numbers to see if they were included in the set of unencrypted passport numbers.” That follows a statement […]
View More Marriott now lets you check if you’re a victim of the Starwood hackHacker who stole 620 million records strikes again, stealing 127 million more
A hacker who stole close to 620 million user records from 16 websites has stolen another 127 million records from 8 more websites, TechCrunch has learned. The hacker, whose listing was the previously disclosed data for about $20,000 in bitcoin on a dark web marketplace, stole the data last year from several major sites — […]
View More Hacker who stole 620 million records strikes again, stealing 127 million moreA new Congress means a new opportunity for consumer privacy protections
Debra Berlyn Contributor Share on Twitter Debra Berlyn is the president of Consumer Policy Solutions and the executive director of Project GOAL, a project to raise awareness of both the benefits and challenges of innovative new technologies for the aging community. The 2018 mid-term elections, for the first time in U.S. history, resulted in a […]
View More A new Congress means a new opportunity for consumer privacy protectionsHave your passwords been stolen by hackers? New Chrome extension will let you know
If you have multiple online accounts (you probably do), and you’ve been on the internet for more than a few years, chances are at least some of your passwords have ended up in the wrong hands. Proof: Huge databases of stolen email/password combinatio…
View More Have your passwords been stolen by hackers? New Chrome extension will let you knowCambridge Analytica whistleblower takes a data job at fashion giant H&M
The whistleblower who exposed the massive Cambridge Analytica data scandal has found himself an interesting new job.
Christopher Wylie, who blew the whistle on how Facebook user data was collected by his former employer to help Donald Trump win the 2…
Houzz resets user passwords after data breach
Houzz, a $4 billion-valued home improvement startup that recently laid off 10 percent of its staff, has admitted a data breach. A reader contacted TechCrunch on Thursday with a copy of an email sent by the company. It doesn’t say much — such as when the breach happened, or if a hacker to blame or if […]
View More Houzz resets user passwords after data breachSingapore says personal details of 14,200 HIV patients were posted online
For the second time inside a year, private health information belonging to people in Singapore has been compromised. Following a hack disclosed last summer that affected the patient records of up to 1.5 million citizens, Singapore’s Ministry of Health revealed today that personal details and the HIV-positive status of 14,200 people were posted online by a convinced […]
View More Singapore says personal details of 14,200 HIV patients were posted onlineMassive mortgage and loan data leak gets worse as original documents also exposed
Remember that massive data leak of mortgage and loan data we reported on Wednesday? In case you missed it, millions of documents were found leaking after an exposed Elasticsearch server was found without a password. The data contained highly sensitive financial data on tens of thousands of individuals who took out loans or mortgages over […]
View More Massive mortgage and loan data leak gets worse as original documents also exposedNearly 22 million unique passwords leaked in ‘Collection #1’ data breach
/https%3A%2F%2Fblueprint-api-production.s3.amazonaws.com%2Fuploads%2Fcard%2Fimage%2F918388%2F8793e12d-be41-4d72-b0d3-0a68929e854c.png)
It’s time to change your password again.
More than 87GB of passwords and email addresses have been leaked and distributed in a folder dubbed “Collection #1” by hackers in a significant data breach.
As detailed by security researcher Troy Hunt, the trove of nearly 22 million unique passwords and more than 772 million email addresses was hosted on cloud storage service MEGA.
The link to the dump was posted on a hacking forum, but has been since taken down from the service.
New breach: The “Collection #1” credential stuffing list began broadly circulating last week and contains 772,904,991 unique email addresses with plain text passwords (now in Pwned Passwords). 82% of addresses were already in @haveibeenpwned. Read more: https://t.co/BAa3rbgZo4
— Have I Been Pwned (@haveibeenpwned) January 16, 2019 Read more…
More about Tech, Cybersecurity, Data Breach, Tech, and Cybersecurity
View More Nearly 22 million unique passwords leaked in ‘Collection #1’ data breach