Research Team Analysis

WEEKLY REVIEW FROM THE BREACHAWARE RESEARCH TEAM
Share this analysis

513,970 leaked accounts discovered by the BreachAware® Research Team last week.

24 October 2022

A total of 12 breaches were found and analysed resulting in 513,970 leaked accounts containing a total of 15 different data types. The breaches found publicly and freely available included Nova FM, Svet Mobilne, Redawning, Ministry of Social Policy and World Check. Sign in to view the full BreachAware Breach Index which includes, where available, reference articles relating to each breach.

SPOTLIGHT

A US travel agency is having a rather bad week as a large sql file from their website has been posted to a well known hacking channel. It includes their entire user base along with various pieces of company information. The company brands themselves as a marketing and reservation solution for holiday homes. Splashed across their website are some big names in the industry, including booking.com, while boasting of "over twenty thousand short term rentals across the world". Unfortunately a number of datasets have been disclosed in the breach such as mobile numbers, usernames and over 60,000 unique email addresses accompanied with hashed passwords.

Another US based marketing company falls foul to hackers this week with a company specialising in "intuitive software for business" hacked and having a large selection of their user base dumped online. The company in question speaks proudly of their decade plus of experience building solutions for business firms, with 110 marketing engineers and 3 offices across the globe. However despite their success data under their control is being posted online. Names, hashed passwords and mobile numbers are just three of the many datasets which make up this breach.

It is critical to take your health seriously; I personally ensure that the team consumes at least 7 cups of coffee per day to avoid repetitive strain injury. But this next New York based sports nutrition site, which "provides personalised protein powder blends based on specific needs" seems to have taken health so seriously they have forgotten about their security, resulting in a large data breach. Late last week, a file containing various information on their users was posted to a popular hacking channel, exposing full names, payment methods and unique email addresses.

DATA CATEGORIES DISCOVERED

Contact Data, Technical Data, Socia-Demographic Data, National Identifiers, Financial Data, Transactional Data.

  • Key Statistics
  • Breaches Discovered
    12
  • ACCOUNTS DISCOVERED
    513,970
  • DATA TYPES DISCOVERED
    15