'%3e%3cg id='Final-Copy-2_2_' transform='translate(1275.000000, 200.000000)'%3e%3cpath class='st0' d='M7.4,12.8h6.8l3.1-11.6H7.4C4.2,1.2,1.6,3.8,1.6,7S4.2,12.8,7.4,12.8z'/%3e%3c/g%3e%3c/g%3e%3c/g%3e%3cg id='final---dec.11-2020'%3e%3cg id='_x30_208-our-toggle' transform='translate(-1275.000000, -200.000000)'%3e%3cg id='Final-Copy-2' transform='translate(1275.000000, 200.000000)'%3e%3cpath class='st1' d='M22.6,0H7.4c-3.9,0-7,3.1-7,7s3.1,7,7,7h15.2c3.9,0,7-3.1,7-7S26.4,0,22.6,0z M1.6,7c0-3.2,2.6-5.8,5.8-5.8 h9.9l-3.1,11.6H7.4C4.2,12.8,1.6,10.2,1.6,7z'/%3e%3cpath id='x' class='st2' d='M24.6,4c0.2,0.2,0.2,0.6,0,0.8l0,0L22.5,7l2.2,2.2c0.2,0.2,0.2,0.6,0,0.8c-0.2,0.2-0.6,0.2-0.8,0 l0,0l-2.2-2.2L19.5,10c-0.2,0.2-0.6,0.2-0.8,0c-0.2-0.2-0.2-0.6,0-0.8l0,0L20.8,7l-2.2-2.2c-0.2-0.2-0.2-0.6,0-0.8 c0.2-0.2,0.6-0.2,0.8,0l0,0l2.2,2.2L23.8,4C24,3.8,24.4,3.8,24.6,4z'/%3e%3cpath id='y' class='st3' d='M12.7,4.1c0.2,0.2,0.3,0.6,0.1,0.8l0,0L8.6,9.8C8.5,9.9,8.4,10,8.3,10c-0.2,0.1-0.5,0.1-0.7-0.1l0,0 L5.4,7.7c-0.2-0.2-0.2-0.6,0-0.8c0.2-0.2,0.6-0.2,0.8,0l0,0L8,8.6l3.8-4.5C12,3.9,12.4,3.9,12.7,4.1z'/%3e%3c/g%3e%3c/g%3e%3c/g%3e%3c/g%3e%3c/svg%3e)
Ransomware gangs' security breached.
15 May 2022A total of 11 breaches were found and analysed resulting in 53,569,722 leaked accounts containing a total of 19 different data types. The breaches found publicly and freely available included Acxiom, BizAway, Path 2 USA, Ebay and Channel Navigator. Sign in to view the full
BreachAware
Breach Index which includes, where available, reference articles relating to
each breach.
SPOTLIGHT
A breach that caught our eye was a South African travel website. We're not sure how long the breach has been flying around. The passwords had already been de-hashed, resulting in a file with the email addresses and plain text passwords being dumped on an underground forum and quickly beginning to circulate. The breach consisted of 133,000 compromised credentials however this is a good example of how people use their work email address to book travel and holiday, as the number of companies caught up with this small breach was disproportionately high.
Other news, a ransomware gang had their own security breached when login details and an onion address for their affiliate site were posted on an underground forum. We’re not sure who was the original user, but after reading the thread, someone's in trouble. The login details gave access to the affiliate section of the site.
A proxy provider has experienced a large data breach, and section of their user-base has been exposed online with a sizeable amount of datasets. The website states they provide seven million different proxy's. Spooning through the data we’ve seen lot of emails with a list of IP address’s attached. This could be a gold mine for anyone conducting any OSINT work.
Another interesting set of data compromised came from an eBay store. Not a large number of compromised accounts but different data types compared to the last reported breach incident from 2014 where some 145 million user records were compromised.
And our week would not be complete without a bitcoin company's data being compromised. This time it was company called BitHoven with exposed email addresses and passwords. Other companies last week impacted were business intelligence, marketing (massive), education, IT, media and gaming companies/forums.
Data Categories Discovered
Contact Data, Financial Data, Usage Data, Socia-Demographic Data, Social Relationships Data, Locational Data, Technical Data, Behavioural Data.
