A total of 8 breaches were found and analysed resulting in 1,294,601 leaked accounts containing a total of 16 different data types. The breaches found publicly and freely available included Jewel Scent, Gato Preto, Le Coq Sportif, Stealer - Mixed Logs 0302 and Store Pas Cher. Sign in to view the full BreachAware Breach Index which includes, where available, reference articles relating to each breach.

SPOTLIGHT

An American bath product and candle company has suffered a significant data breach, it may have seemed they waxed there money on a nice sleek website instead of a their security. Founded in 2013 with the goal of creating high quality, clean burning candles and bath products, the company also operates an affiliate program and wholesale discount program.

As well as a traditional furniture store based in Vancouver, with its own warehouse and distribution centre, also recently suffered a data breach. The company started in 2005 and has been growing from strength to strength. Unfortunately for the company and its customers, their entire user-base has been dumped online and is now in circulation.

VULNERABILITY CHAT

The world's leading gaming brand is back in the news again after threat actors gained access to their servers and stole a large amount of data. However, things have gotten a lot worse for the company in question, hackers have posted the source code and private keys to the dark web. This poses a serious risk for owners of the hardware as threat actors can disguise malware as a firmware update, a classic trojan horse. Which would foil the security mechanisms that are in place. Software like Digi Certificate will think the firmware update is actually signed by the company.

INFORMATION PRIVACY HEADLINES

A hospital doctor in England, described as a "stalker" accessed and shared highly sensitive information about a women and her children despite the doctor not being involved in her care. A representative from a health data privacy group described the situation as "a systematic problem" and warned "if you're registered with the NHS in England, this could happen to you."

Google has been accused of breaking EU data privacy rules after it was discovered they are retaining personal information of job candidates dated as far back as 2011, according to an article by Fortune. Google's internal gHire database is said to contain profiles of people in the EU and UK with names, phone numbers, email addresses and so on.