A total of 5 breaches were found and analysed resulting in 34,030,384 leaked accounts containing a total of 12 different data types. The breaches found publicly and freely available included Just Date, Eat Street, Paytm, Mon Jardin a Vivre and Federal Bureau of Investigation. Sign in to view the full BreachAware Breach Index which includes, where available, reference articles relating to each breach.

SPOTLIGHT

We often see a spike of domain scans on BreachAware when a big news event happens or a cyber attack occurs. This week twitter.com searches have gone through the roof as a result of Elon Musk purchasing twitter and today a further surge in scans due to the announcement on that said platform, by Austin Peay State University, that they have had a ransomware attack and to "shutdown all computers now"!

Universities have a uniques challenge on managing their flexible infrastructure and protecting their data, whilst maintaining governance and dealing with a transient dynamic user base that normally stays for only three years i.e. students. Protecting Intellectual Property is paramount not only to the University but to the countries economy so when we often look at the amount of compromised credentials, it is nigh on impossible to stop attacks. Just check out any UK or USA University. A lot of University's ignore this 'elephant in the room', compromised data. It is all about risk mitigation strategies.

Also this week, and reported in our monthly Insider Perspective Newsletter, Paytm, a popular digital payment system in India with over 300million users, had their data circulated on the underground forums and dark web. In August 2020, they suffered a ransomware attack, resulting in a large amount of their user data being stolen by threat actors. Datasets include physical addresses, names, and dates of birth. Breaches such as these tend to circulate the dark web until the commercial value has been maximised and then is released for public consumption.