Monday, January 24, 2022
Have I Been Pwned

Open Subtitles – 6,783,158 breached accounts

In August 2021, the subtitling website Open Subtitles suffered a data breach and subsequent ransom demand. The breach exposed almost 7M subscribers' personal data including email and IP addresses, usernames, the country of the user and passwords stored as...
Have I Been Pwned

Upstox – 111,002 breached accounts

In April 2021, Indian brokerage firm Upstox suffered a data breach. The incident exposed extensive personal information on over 100k customers including names, genders, dates of birth, physical addresses, banking information and passwords stored as bcrypt hashes. Extensive "know...
Have I Been Pwned

Aditya Birla Fashion and Retail – 5,470,063 breached accounts

In December 2021, Indian retailer Aditya Birla Fashion and Retail Ltd was breached and ransomed. The ransom demand was allegedly rejected and data containing 5.4M unique email addresses was subsequently dumped publicly on a popular hacking forum the next...
Have I Been Pwned

FlexBooker – 3,750,176 breached accounts

In December 2021, the online booking service FlexBooker suffered a data breach that exposed 3.75 million accounts. The data included email addresses, names, phone numbers and for a small number of accounts, password hashes and partial credit card data....
Have I Been Pwned

DatPiff – 7,476,940 breached accounts

In late 2021, email address and plain text password pairs from the rap mixtape website DatPiff appeared for sale on a popular hacking forum. The data allegedly dated back to an earlier breach and in total, contained almost 7.5M...
Have I Been Pwned

RedLine Stealer – 441,657 breached accounts

In December 2021, logs from the RedLine Stealer malware were left publicly exposed and were then obtained by security researcher Bob Diachenko. The data included usernames, email addresses and plain text passwords.
Have I Been Pwned

Protemps – 49,591 breached accounts

In October 2021, the Singaporean recruitment website Protemps suffered a data breach that exposed almost 50,000 unique email addresses. The impacted data includes names, email and physical addresses, phone numbers, passport numbers and passwords stored as unsalted MD5 hashes,...
Have I Been Pwned

Gravatar – 113,990,759 breached accounts

In October 2020, a security researcher published a technique for scraping large volumes of data from Gravatar, the service for providing globally unique avatars . The scraped data included 167 million names, usernames and MD5 hashes of email addresses...
Have I Been Pwned

IDC Games – 3,966,871 breached accounts

In March 2021, 4 million records source from IDC Games was shared on a public hacking forum. The data included usernames, email addresses and passwords stored as salted MD5 hashes.
Have I Been Pwned

Ducks Unlimited (unverified) – 1,324,364 breached accounts

In mid-2021, Risk Based Security reported on a database sourced from Ducks Unlimited being traded online. The data dated back to January 2021 and contained 1.3M unique email addresses across both a membership list and a list of website...
Have I Been Pwned

ActMobile (unverified) – 1,583,193 breached accounts

In October 2021, security researcher Bob Diachenko discovered an exposed database he attributed to ActMobile, the operators of Dash VPN and FreeVPN. The exposed data included 1.6 million unique email addresses along with IP addresses and password hashes, all...
Have I Been Pwned

CoinMarketCap – 3,117,548 breached accounts

During October 2021, 3.1 million email addresses with accounts on the cryptocurrency market capitalisation website CoinMarketCap were discovered being traded on hacking forums. Whilst the email addresses were found to correlate with CoinMarketCap accounts, it's unclear precisely how they...
Have I Been Pwned

Thingiverse – 228,102 breached accounts

In October 2021, a database backup taken from the 3D model sharing service Thingiverse began extensively circulating within the hacking community. Dating back to October 2020, the 36GB file contained 228 thousand unique email addresses, mostly alongside comments left...
Have I Been Pwned

Playbook – 50,538 breached accounts

In September 2021, a publicly accessible PostgresSQL database belonging to the Playbook service was identified. Run by VC firm Plug and Play Ventures, the database had been exposed since October 2020 and contained more than 50 thousand unique email...
Have I Been Pwned

Fantasy Football Hub – 66,479 breached accounts

In October 2021, the fantasy premier league (soccer) website Fantasy Football Hub suffered a data breach that exposed 66 thousand unique email addresses. The data included names, usernames, IP addresses, transactions and passwords stored as WordPress MD5 hashes.

AT&T announces multi-gigabit fiber: $110 a month for 2Gbps, $180 for 5Gbps

Enlarge (credit: Getty Images | zf L) AT&T has started offering 2Gbps and 5Gbps symmetrical Internet speeds over its fiber-to-the-home network, the telecom company announced today. The multi-gigabit speeds are...

Registration for the (ISC)² Entry-Level Cybersecurity Certification Exam Pilot Program Is Now Open

New certification validates students' and career changers' foundational skills and helps kickstart their cybersecurity careers.
SecurityWeek

DC, 3 States Sue Google Saying it Invades Users' Privacy

The District of Columbia and three states are suing Google for allegedly deceiving consumers and invading their privacy by making it nearly impossible for them to stop their location from being tracked. read more
Security Affairs

A flaw in Rust Programming language could allow to delete files and directories

The maintainers of the Rust programming language fixed a high-severity flaw that could allow attackers to delete files and directories from a vulnerable system. The maintainers of the Rust programming language have released a security update for a high-severity...
TechRepublic

Personal identifying information for 1.5 billion users was stolen in 2021, but from where?

Threat intelligence company Black Kite found that the majority of attacks were against healthcare providers, involved ransomware and succeeded thanks to software vulnerabilities.