#breach — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #breach, aggregated by home.social.
-
I feel the need to reiterate that salting and hashing passwords has been a best practice in the cybersecurity industry since Morris and Thompson invented the concept of a salt in 1979. Yes, 47 years ago.
There is absolutely zero excuse—none, nada, zilch—for any internet-connected application ever to have been built with plaintext password storage.
The mind boggles.
#infosec #breach #KDDI
https://www.bleepingcomputer.com/news/security/data-breach-exposes-up-to-142-million-email-logins-at-six-isps/ -
I feel the need to reiterate that salting and hashing passwords has been a best practice in the cybersecurity industry since Morris and Thompson invented the concept of a salt in 1979. Yes, 47 years ago.
There is absolutely zero excuse—none, nada, zilch—for any internet-connected application ever to have been built with plaintext password storage.
The mind boggles.
#infosec #breach #KDDI
https://www.bleepingcomputer.com/news/security/data-breach-exposes-up-to-142-million-email-logins-at-six-isps/ -
A #PuertoRico Government Agency Exposed 1 Million #SocialSecurityNumbers
The government agency that collects property #taxes in Puerto Rico inadvertently exposed the #SocialSecurity numbers of approximately 1 million people, Centro de Periodismo Investigativo and ProPublica learned.It was the latest #cybersecurity lapse for the Puerto Rico government, which in the past three years has seen technology #breaches interrupt government services, take websites offline and lead to citizens’ personal information being published on the dark web.
#privacy #security #breach #ssnhttps://www.propublica.org/article/puerto-rico-crim-data-breach
-
A #PuertoRico Government Agency Exposed 1 Million #SocialSecurityNumbers
The government agency that collects property #taxes in Puerto Rico inadvertently exposed the #SocialSecurity numbers of approximately 1 million people, Centro de Periodismo Investigativo and ProPublica learned.It was the latest #cybersecurity lapse for the Puerto Rico government, which in the past three years has seen technology #breaches interrupt government services, take websites offline and lead to citizens’ personal information being published on the dark web.
#privacy #security #breach #ssnhttps://www.propublica.org/article/puerto-rico-crim-data-breach
-
GitLost: How We Tricked GitHub's AI Agent into Leaking Private Repos - Noma Security #leak #ai #breach #dataprivacy https://noma.security/blog/gitlost-how-we-tricked-githubs-ai-agent-into-leaking-private-repos/
-
GitLost: How We Tricked GitHub's AI Agent into Leaking Private Repos - Noma Security #leak #ai #breach #dataprivacy https://noma.security/blog/gitlost-how-we-tricked-githubs-ai-agent-into-leaking-private-repos/
-
New TrojPix Attack Leaks Data From Air-Gapped Systems via Video Cable Emissions #leak #breach #dataprivacy https://thehackernews.com/2026/07/new-trojpix-attack-leaks-data-from-air.html
-
New TrojPix Attack Leaks Data From Air-Gapped Systems via Video Cable Emissions #leak #breach #dataprivacy https://thehackernews.com/2026/07/new-trojpix-attack-leaks-data-from-air.html
-
Secret #Claude #tracker shocks users after Anthropic’s anti-surveillance stance
#Anthropic quickly removed a tracker secretly #monitoring #ClaudeCode users in #China after a #security researcher exposed the hidden code and condemned the spyware-like tracking as a “serious #breach of user trust.”
#surveillance #privacy #spyware -
Secret #Claude #tracker shocks users after Anthropic’s anti-surveillance stance
#Anthropic quickly removed a tracker secretly #monitoring #ClaudeCode users in #China after a #security researcher exposed the hidden code and condemned the spyware-like tracking as a “serious #breach of user trust.”
#surveillance #privacy #spyware -
Windows 11 identifier used to track Scattered Spider perp after Microsoft shared info with FBI 19-year-old US-Estonian hacker arrested over alleged ties to infamous extortion group #windows #microsoft #hacker #breach https://www.tomshardware.com/software/windows-11-identifier-used-to-track-scattered-spider-perp-after-microsoft-shared-info-with-fbi-19-year-old-us-estonian-hacker-arrested-over-alleged-ties-to-infamous-extortion-group
-
Windows 11 identifier used to track Scattered Spider perp after Microsoft shared info with FBI 19-year-old US-Estonian hacker arrested over alleged ties to infamous extortion group #windows #microsoft #hacker #breach https://www.tomshardware.com/software/windows-11-identifier-used-to-track-scattered-spider-perp-after-microsoft-shared-info-with-fbi-19-year-old-us-estonian-hacker-arrested-over-alleged-ties-to-infamous-extortion-group
-
Forget Code: AI Is Learning to Hack Society #ai #breach #hack #hacker https://singularityhub.com/2026/06/29/forget-code-ai-is-learning-to-hack-society/
-
Forget Code: AI Is Learning to Hack Society #ai #breach #hack #hacker https://singularityhub.com/2026/06/29/forget-code-ai-is-learning-to-hack-society/
-
The problem with #DigitalID and #AgeGating is the organisations involved.
The politicians who are responsible for bringing in the regulations are merely trying to gain favour from the voting population and know little about what they are doing. They appear to see the limit of their responsibility is to hand the work to a company for a reasonable cost without specifying or checking any level of competancy or professionalism. "Buck passing" would appear to be the correct phrase.
The companies winning the contract have only one thing on their mind, making profit for themselves or their shareholders. The majority of these systems must be very, very round because all the corners appear to have been cut!
-
A U.S. court dismissed a data breach class action because plaintiffs couldn't prove "traceable injury." Technically correct — but this legal threshold keeps raising the bar for breach accountability. Harm from exposed data is often slow, diffuse, and hard to pin. The law and the threat model aren't quite aligned yet. #infosec #breach #privacy
https://malware.news/t/first-circuit-affirms-dismissal-of-data-breach-class-action-for-lack-of-traceable-injury/108251 -
LastPass notifies users of yet another data breach
https://9to5mac.com/2026/06/23/lastpass-notifies-users-of-yet-another-data-breach/
#HackerNews #LastPass #data #breach #cybersecurity #passwordsecurity #usernotification #dataprivacy
-
LastPass notifies users of yet another data breach
https://9to5mac.com/2026/06/23/lastpass-notifies-users-of-yet-another-data-breach/
#HackerNews #LastPass #data #breach #cybersecurity #passwordsecurity #usernotification #dataprivacy
-
La "double peine" des fuites de données : d'abord l'exposition, ensuite l'exploitation des données volées pour des attaques ciblées (phishing, credential stuffing). Ce n'est pas un phénomène nouveau, mais il reste sous-estimé dans les analyses post-breach. Le vrai risque commence souvent après l'alerte initiale. #infosec #breach #dataprivacy
https://www.zdnet.fr/actualites/fuites-de-donnees-mefiez-vous-de-la-double-peine-497601.htm#xtor=RSS-1 -
I cannot stress this enough; do not use LastPass. No password manager should have this number of security breaches, and still be considered a major player.
"LastPass confirms customer support data was stolen in the Klue breach."
https://blog.lastpass.com/posts/klue-supply-chain-incident-and-lastpass-response
#lastpass #security #tech #infotech #passwordManager #breach
-
I cannot stress this enough; do not use LastPass. No password manager should have this number of security breaches, and still be considered a major player.
"LastPass confirms customer support data was stolen in the Klue breach."
https://blog.lastpass.com/posts/klue-supply-chain-incident-and-lastpass-response
#lastpass #security #tech #infotech #passwordManager #breach
-
Only in capitalism can a company fail this much and still be in business
LastPass notifies users of yet another data breach - 9to5Mac
https://9to5mac.com/2026/06/23/lastpass-notifies-users-of-yet-another-data-breach/
-
Only in capitalism can a company fail this much and still be in business
LastPass notifies users of yet another data breach - 9to5Mac
https://9to5mac.com/2026/06/23/lastpass-notifies-users-of-yet-another-data-breach/
-
" #SomeoneYouLoved" is a song by Scottish singer-songwriter #LewisCapaldi. It was released on 8 November 2018 via digital download through #VertigoRecords, as the third single from his second extended play, #Breach (2018). The song was later included on his debut studio album, #DivinelyUninspiredToAHellishExtent (2019). It was written by Capaldi, #SamuelRomans, and its producers #ThomasBarnes, #PeterKelleher and #BenjaminKohn.
https://www.youtube.com/watch?v=_gg2yipMww4 -
" #SomeoneYouLoved" is a song by Scottish singer-songwriter #LewisCapaldi. It was released on 8 November 2018 via digital download through #VertigoRecords, as the third single from his second extended play, #Breach (2018). The song was later included on his debut studio album, #DivinelyUninspiredToAHellishExtent (2019). It was written by Capaldi, #SamuelRomans, and its producers #ThomasBarnes, #PeterKelleher and #BenjaminKohn.
https://www.youtube.com/watch?v=_gg2yipMww4 -
Another LastPass breach, through a 3rd party (Klue). They claim it’s only customer contact data (only!), and doesn’t include data in your vault (passwords,…). Sigh
“Through the Klue integration, an unauthorized party was able to gain access to certain data within the LastPass Salesforce CRM. That data included customer contact details, organizational and account information, and customer support case records. “
-
Another LastPass breach, through a 3rd party (Klue). They claim it’s only customer contact data (only!), and doesn’t include data in your vault (passwords,…). Sigh
“Through the Klue integration, an unauthorized party was able to gain access to certain data within the LastPass Salesforce CRM. That data included customer contact details, organizational and account information, and customer support case records. “
-
NSA director: 'Mythos "broke into almost all of our classified systems in hours"
#HackerNews #NSA #Mythos #Cybersecurity #Breach #Classified #Systems #Threat #Intelligence
-
NSA director: 'Mythos "broke into almost all of our classified systems in hours"
#HackerNews #NSA #Mythos #Cybersecurity #Breach #Classified #Systems #Threat #Intelligence
-
Massive #breach spills #credentials for thousands of sensitive networks
Researchers have uncovered a massive breach of #Fortinet #firewalls that has given Russian-speaking attackers near-unrestricted access to some of the world’s largest and most powerful organizations, including #Oracle , #Chevron , #Lenovo , #FederalExpress , a #NATO defense contractor, and Fortinet itself.
Nearly 74,000 Fortinet devices from more than 21,000 IP addresses in 194 countries have been compromised and their plaintext #credentials exposed online, Bob Diachenko, a #security researcher and head of SecurityDiscovery.com, said online and in an interview. He said he found the data after gaining access to the attackers’ command-and-control server and other #infrastructure. The exposed data also included the industry, revenue, and employee count for each compromised organization.
#russian #russia -
Massive #breach spills #credentials for thousands of sensitive networks
Researchers have uncovered a massive breach of #Fortinet #firewalls that has given Russian-speaking attackers near-unrestricted access to some of the world’s largest and most powerful organizations, including #Oracle , #Chevron , #Lenovo , #FederalExpress , a #NATO defense contractor, and Fortinet itself.
Nearly 74,000 Fortinet devices from more than 21,000 IP addresses in 194 countries have been compromised and their plaintext #credentials exposed online, Bob Diachenko, a #security researcher and head of SecurityDiscovery.com, said online and in an interview. He said he found the data after gaining access to the attackers’ command-and-control server and other #infrastructure. The exposed data also included the industry, revenue, and employee count for each compromised organization.
#russian #russia -
I joined @huntress because I want to do my part to save the world. That's not bragging or hyperbole. I believe that, every day, in law offices and dental clinics and at construction companies and coffee shops, we're watching your back so you can concentrate on those things that you excel at, and make life better for those around you.
As an industry we're now seeing that cybersecurity has done such a good job at this, as a whole, the attackers are now targeting us - sometimes first - and trying to throw us off our game.
Never gonna happen. The solution to this is for the #infosec space to unify and stay strong. Not unify like "get acquired' but "get aligned" and realize that, even as competitors, we're all pressing toward the same goal: messing up a cybercriminal's day.
I said it last summer, and it was as true this morning as it was then: The Infosec industry is a critical infrastructure, and it both needs and deserves its own #ISAC. I will work with anyone who shares that goal to help me make that a reality.
So with all that, I wanted to share that I worked with some of my colleagues on this rapid response the past day and a half, and I'm pretty proud of the result.
https://www.huntress.com/blog/klue-breach-investigation
#Klue #breach #DataBreach #RapidResponse #IR #DFIR #tokens #compromise #integration #SalesForce #SFDC #Gong #huntress
-
I joined @huntress because I want to do my part to save the world. That's not bragging or hyperbole. I believe that, every day, in law offices and dental clinics and at construction companies and coffee shops, we're watching your back so you can concentrate on those things that you excel at, and make life better for those around you.
As an industry we're now seeing that cybersecurity has done such a good job at this, as a whole, the attackers are now targeting us - sometimes first - and trying to throw us off our game.
Never gonna happen. The solution to this is for the #infosec space to unify and stay strong. Not unify like "get acquired' but "get aligned" and realize that, even as competitors, we're all pressing toward the same goal: messing up a cybercriminal's day.
I said it last summer, and it was as true this morning as it was then: The Infosec industry is a critical infrastructure, and it both needs and deserves its own #ISAC. I will work with anyone who shares that goal to help me make that a reality.
So with all that, I wanted to share that I worked with some of my colleagues on this rapid response the past day and a half, and I'm pretty proud of the result.
https://www.huntress.com/blog/klue-breach-investigation
#Klue #breach #DataBreach #RapidResponse #IR #DFIR #tokens #compromise #integration #SalesForce #SFDC #Gong #huntress
-
Dying Light 2 acaba de receber uma nova expansão de conteúdos denominada The Breach. Esta nova expansão traz novos desafios e conteúdos ao jogo.
🔗 https://tugatech.com.pt/t85323-dying-light-2-recebe-a-nova-expansao-de-conteudos-the-breach
-
Dying Light 2 acaba de receber uma nova expansão de conteúdos denominada The Breach. Esta nova expansão traz novos desafios e conteúdos ao jogo.
🔗 https://tugatech.com.pt/t85323-dying-light-2-recebe-a-nova-expansao-de-conteudos-the-breach
-
I just got one of those "we've been breached" letters. Some medical thing, but it's not clear which. Names are unfamiliar. Maybe a processor or support service.
This one said basically, "they got it all: ID's, SSN, insurance, medical condition, treatment."
BUT, "security is important to us, so here's a free year of credit monitoring" (by a company name that I also don't recognize.)
I trust the monitoring about zero. Some credit card banks offer it anyway. So, I have that.
-
This. This article is the answer to the question: "How to we connect customer accounts to our chatbot?" You know you'll be asked if you haven't already.
https://www.securityweek.com/meta-says-20000-instagram-accounts-hacked-via-ai-tool-abuse/
-
This. This article is the answer to the question: "How to we connect customer accounts to our chatbot?" You know you'll be asked if you haven't already.
https://www.securityweek.com/meta-says-20000-instagram-accounts-hacked-via-ai-tool-abuse/
-
My #SSN was exposed in a #breach at Columbia—a school I have no connection with
A weird text from my dad in February sent me on a months-long quest to solve a mystery that has been troubling an odd group of victims from a #ColumbiaUniversity data breach last year. That group? People with absolutely no connection to the school.
The text included a photo of a letter from #Columbia , informing me that I was a victim of a data breach last June, one that exposed a wide range of sensitive information, including 1.8 million #SocialSecurity numbers.
#privacy #security -
My #SSN was exposed in a #breach at Columbia—a school I have no connection with
A weird text from my dad in February sent me on a months-long quest to solve a mystery that has been troubling an odd group of victims from a #ColumbiaUniversity data breach last year. That group? People with absolutely no connection to the school.
The text included a photo of a letter from #Columbia , informing me that I was a victim of a data breach last June, one that exposed a wide range of sensitive information, including 1.8 million #SocialSecurity numbers.
#privacy #security -
Hackers Used Meta's AI Support Bot to Seize Instagram Accounts #hacker #breach #hack #instagram https://krebsonsecurity.com/2026/06/hackers-used-metas-ai-support-bot-to-seize-instagram-accounts/
-
Hackers Used Meta's AI Support Bot to Seize Instagram Accounts #hacker #breach #hack #instagram https://krebsonsecurity.com/2026/06/hackers-used-metas-ai-support-bot-to-seize-instagram-accounts/
-
#Dashlane is being cagey about what exactly was wrong with their automated defenses which enabled attackers to brute-force like 20 users' vaults.
Here's my explanation of what I think happened:
https://federate.social/@jik/116694985659498974
#infosec #breach -
🔥 رائج
📢 Carnival Corporation Data Breach Exposed Just Under 6 Million Records - شبكة تواصل الإخبارية
#Carnival #Corporation #Data #Breach #GlobalFeed #News #AR
*تم النشر تلقائيًا بواسطة Global Feed Bot*