Below you'll find a list of all posts that have been categorized as “Data Breaches”
How Hackers Are Actually Using Exposed Passwords to Infiltrate Active Directory Recent reports like the Verizon DBIR have noted that stolen credentials are often the foothold that attackers use to compromise networks and systems. A simple phishing or credential stuffing attack becomes the entry point for a much larger enterprise, like data theft, ransomware, or system hijacking. This is rather …
According to Verizon’s recently released 2020 Data Breach Investigations Report (DBIR), over 80% of hacking-related breaches involved the use of lost or stolen credentials. We analyzed the findings and uncovered some additional data points that underscore how pervasive and detrimental poor password practices are to businesses today. Looking at the DBIR data in detail, approximately 35% of all breaches were …
Fraud and account take-over cost companies billions of dollars every year. Many of these successful attacks are the result of credential stuffing, a vulnerability created by users’ reuse of passwords across systems and websites. Because of the risk of exposed passwords, the US-based National Institute of Standards and Guidelines (NIST) recommends screening accounts against lists of commonly-used and compromised credentials, …
Capital One Financial Corporation just disclosed a cyber security incident that impacts about 100 million people in the U.S. and 6 million in Canada. The customer data was illegally accessed sometime between March 12 and July 17, according to federal prosecutors. According to CapitalOne’s site, the largest category of information that was accessed was from consumers and small businesses that applied …
With rapid rate of evolution within technology, why are we still using passwords? The answer lies in the simple, positive attributes of passwords that are not found in other authentication methods: affordable, easy to replace, universally compatibility, privacy safe and no false positive. This closer look highlights the gaps in other methods that will make it hard to get past the password.
Hackers are actively targeting those 3rd party sellers using stolen and compromised credentials (a password and user name combo) to gain access to the seller’s accounts, costing them tens of thousands of dollars.
Back in August, a hacker named peace_of_mind claimed to be selling a database containing credentials for 200 million Yahoo accounts.
At the time Yahoo indicated they were investigating the matter, but could not confirm.
Today, Yahoo confirmed that 500 million accounts were compromised in what we believe is the largest known data breach in history.
