Wednesday, April 24, 2019
Have I Been Pwned

Club Penguin Rewritten – 1,688,176 breached accounts

In January 2018, the children's gaming site Club Penguin Rewritten (CPRewritten) suffered a data breach (note: CPRewritten is an independent recreation of Disney's Club Penguin game). The incident exposed almost 1.7 million unique email addresses alongside IP addresses, usernames...
Have I Been Pwned

Morele.net – 2,467,304 breached accounts

In October 2018, the Polish e-commerce website Morele.net suffered a data breach. The incident exposed almost 2.5 million unique email addresses alongside phone numbers, names and passwords stored as md5crypt hashes.
Have I Been Pwned

Bukalapak – 13,369,666 breached accounts

In March 2019, the Indonesian e-commerce website Bukalapak discovered a data breach of the organisation's backups dating back to October 2017. The incident exposed approximately 13 million unique email addresses alongside IP addresses, names and passwords stored as bcrypt...
Have I Been Pwned

DataCamp – 760,561 breached accounts

In January 2017, the data science website DataCamp suffered a data breach. The incident exposed 760k unique email and IP addresses along with names and passwords stored as bcrypt hashes. In 2019, the data appeared listed for sale on...
Have I Been Pwned

Knuddels – 808,330 breached accounts

In September 2018, the German social media website Knuddels suffered a data breach. The incident exposed 808k unique email addresses alongside usernames, real names, the city of the person and their password in plain text. Knuddels was subsequently fined...
Have I Been Pwned

Demon Forums – 52,623 breached accounts

In February 2019, the hacking forum Demon Forums suffered a data breach. The compromise of the vBulletin forum exposed 52k unique email addresses alongside usernames and passwords stored as salted MD5 hashes.
Have I Been Pwned

Everybody Edits – 871,190 breached accounts

In March 2019, the multiplayer platform game Everybody Edits suffered a data breach. The incident exposed 871k unique email addresses alongside usernames and IP addresses. The data was subsequently distributed online across a collection of files.
Have I Been Pwned

Intelimost – 3,073,409 breached accounts

In March 2019, a spam operation known as "Intelimost" sent millions of emails appearing to come from people the recipients knew. Security researcher Bob Diachenko found over 3 million unique email addresses in an exposed Elasticsearch database, alongside plain...
Have I Been Pwned

Whitepages – 11,657,763 breached accounts

In mid-2016, the telephone and address directory service Whitepages was among a raft of sites that were breached and their data then sold in early-2019. The data included over 11 million unique email addresses alongside names and passwords stored...
Have I Been Pwned

500px – 14,867,999 breached accounts

In mid-2018, the online photography community 500px suffered a data breach. The incident exposed almost 15 million unique email addresses alongside names, usernames, genders, dates of birth and either an MD5 or bcrypt password hash. In 2019, the data...
Have I Been Pwned

Bookmate – 3,830,916 breached accounts

In mid-2018, the social ebook subscription service Bookmate was among a raft of sites that were breached and their data then sold in early-2019. The data included almost 4 million unique email addresses alongside names, genders, dates of birth...
Have I Been Pwned

HauteLook – 28,510,459 breached accounts

In mid-2018, the fashion shopping site HauteLook was among a raft of sites that were breached and their data then sold in early-2019. The data included over 28 million unique email addresses alongside names, genders, dates of birth and...
Have I Been Pwned

8fit – 15,025,407 breached accounts

In July 2018, the health and fitness service 8fit suffered a data breach. The data subsequently appeared for sale on a dark web marketplace in February 2019 and included over 15M unique email addresses alongside names, genders, IP addresses...
Have I Been Pwned

ixigo – 17,204,697 breached accounts

In January 2019, the travel and hotel booking site ixigo suffered a data breach. The data appeared for sale on a dark web marketplace the following month and included over 17M unique email addresses alongside names, genders, phone numbers,...
Have I Been Pwned

Houzz – 48,881,308 breached accounts

In mid-2018, the housing design website Houzz suffered a data breach. The company learned of the incident later that year then disclosed it to impacted members in February 2019. Almost 49 million unique email addresses were in the breach...

Stuxnet Family Tree Grows

What a newly discovered missing link to Stuxnet and the now-revived Flame cyber espionage malware add to the narrative of the epic cyber-physical attack.
ZDNet

Another dark web marketplace bites the dust –Wall Street Market

Two major dark web marketplaces for buying illegal products shut down in the span of a month.

Google File Cabinet Plays Host to Malware Payloads

Researchers detect a new drive-by download attack in which Google Sites' file cabinet template is a delivery vehicle for malware.

Demonstration Showcase Brings DevOps to Interop19

Attendees will learn how orchestration and automation can be a part of network operations and security, even at smaller companies.
isBuzz

What Home Buying Can Teach Us About Continuous Monitoring

Companies have been brainwashed to solely rely on hiring major auditing companies to help monitor and audit their vendors’ security. Assessments from these traditional auditors are typically an annual point-in-time affair. With technology advancing much more frequently, this outdated...