home.social

#breach — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #breach, aggregated by home.social.

fetched live
  1. I feel the need to reiterate that salting and hashing passwords has been a best practice in the cybersecurity industry since Morris and Thompson invented the concept of a salt in 1979. Yes, 47 years ago.
    There is absolutely zero excuse—none, nada, zilch—for any internet-connected application ever to have been built with plaintext password storage.
    The mind boggles.
    #infosec #breach #KDDI
    bleepingcomputer.com/news/secu

  2. I feel the need to reiterate that salting and hashing passwords has been a best practice in the cybersecurity industry since Morris and Thompson invented the concept of a salt in 1979. Yes, 47 years ago.
    There is absolutely zero excuse—none, nada, zilch—for any internet-connected application ever to have been built with plaintext password storage.
    The mind boggles.
    #infosec #breach #KDDI
    bleepingcomputer.com/news/secu

  3. A #PuertoRico Government Agency Exposed 1 Million #SocialSecurityNumbers

    The government agency that collects property #taxes in Puerto Rico inadvertently exposed the #SocialSecurity numbers of approximately 1 million people, Centro de Periodismo Investigativo and ProPublica learned.

    It was the latest #cybersecurity lapse for the Puerto Rico government, which in the past three years has seen technology #breaches interrupt government services, take websites offline and lead to citizens’ personal information being published on the dark web.
    #privacy #security #breach #ssn

    propublica.org/article/puerto-

  4. A #PuertoRico Government Agency Exposed 1 Million #SocialSecurityNumbers

    The government agency that collects property #taxes in Puerto Rico inadvertently exposed the #SocialSecurity numbers of approximately 1 million people, Centro de Periodismo Investigativo and ProPublica learned.

    It was the latest #cybersecurity lapse for the Puerto Rico government, which in the past three years has seen technology #breaches interrupt government services, take websites offline and lead to citizens’ personal information being published on the dark web.
    #privacy #security #breach #ssn

    propublica.org/article/puerto-

  5. Secret #Claude #tracker shocks users after Anthropic’s anti-surveillance stance

    #Anthropic quickly removed a tracker secretly #monitoring #ClaudeCode users in #China after a #security researcher exposed the hidden code and condemned the spyware-like tracking as a “serious #breach of user trust.”
    #surveillance #privacy #spyware

    arstechnica.com/tech-policy/20

  6. Secret #Claude #tracker shocks users after Anthropic’s anti-surveillance stance

    #Anthropic quickly removed a tracker secretly #monitoring #ClaudeCode users in #China after a #security researcher exposed the hidden code and condemned the spyware-like tracking as a “serious #breach of user trust.”
    #surveillance #privacy #spyware

    arstechnica.com/tech-policy/20

  7. cambridgeanalytica.org/data-br

    The problem with #DigitalID and #AgeGating is the organisations involved.

    The politicians who are responsible for bringing in the regulations are merely trying to gain favour from the voting population and know little about what they are doing. They appear to see the limit of their responsibility is to hand the work to a company for a reasonable cost without specifying or checking any level of competancy or professionalism. "Buck passing" would appear to be the correct phrase.

    The companies winning the contract have only one thing on their mind, making profit for themselves or their shareholders. The majority of these systems must be very, very round because all the corners appear to have been cut!

    #privacy #breach #databreach

  8. A U.S. court dismissed a data breach class action because plaintiffs couldn't prove "traceable injury." Technically correct — but this legal threshold keeps raising the bar for breach accountability. Harm from exposed data is often slow, diffuse, and hard to pin. The law and the threat model aren't quite aligned yet. #infosec #breach #privacy
    malware.news/t/first-circuit-a

  9. La "double peine" des fuites de données : d'abord l'exposition, ensuite l'exploitation des données volées pour des attaques ciblées (phishing, credential stuffing). Ce n'est pas un phénomène nouveau, mais il reste sous-estimé dans les analyses post-breach. Le vrai risque commence souvent après l'alerte initiale. #infosec #breach #dataprivacy
    zdnet.fr/actualites/fuites-de-

  10. I cannot stress this enough; do not use LastPass. No password manager should have this number of security breaches, and still be considered a major player.

    "LastPass confirms customer support data was stolen in the Klue breach."

    blog.lastpass.com/posts/klue-s

    #lastpass #security #tech #infotech #passwordManager #breach

  11. I cannot stress this enough; do not use LastPass. No password manager should have this number of security breaches, and still be considered a major player.

    "LastPass confirms customer support data was stolen in the Klue breach."

    blog.lastpass.com/posts/klue-s

    #lastpass #security #tech #infotech #passwordManager #breach

  12. " #SomeoneYouLoved" is a song by Scottish singer-songwriter #LewisCapaldi. It was released on 8 November 2018 via digital download through #VertigoRecords, as the third single from his second extended play, #Breach (2018). The song was later included on his debut studio album, #DivinelyUninspiredToAHellishExtent (2019). It was written by Capaldi, #SamuelRomans, and its producers #ThomasBarnes, #PeterKelleher and #BenjaminKohn.
    youtube.com/watch?v=_gg2yipMww4

  13. " #SomeoneYouLoved" is a song by Scottish singer-songwriter #LewisCapaldi. It was released on 8 November 2018 via digital download through #VertigoRecords, as the third single from his second extended play, #Breach (2018). The song was later included on his debut studio album, #DivinelyUninspiredToAHellishExtent (2019). It was written by Capaldi, #SamuelRomans, and its producers #ThomasBarnes, #PeterKelleher and #BenjaminKohn.
    youtube.com/watch?v=_gg2yipMww4

  14. Another LastPass breach, through a 3rd party (Klue). They claim it’s only customer contact data (only!), and doesn’t include data in your vault (passwords,…). Sigh

    “Through the Klue integration, an unauthorized party was able to gain access to certain data within the LastPass Salesforce CRM. That data included customer contact details, organizational and account information, and customer support case records. “

    #lastpass #computersecurity #breach

  15. Another LastPass breach, through a 3rd party (Klue). They claim it’s only customer contact data (only!), and doesn’t include data in your vault (passwords,…). Sigh

    “Through the Klue integration, an unauthorized party was able to gain access to certain data within the LastPass Salesforce CRM. That data included customer contact details, organizational and account information, and customer support case records. “

    #lastpass #computersecurity #breach

  16. #ISRAEL-#LEBANON #CEASEFIRE, IMMEDIATELY FOLLOWED BY #BREACH ACCUSATIONS: Despite the announced ceasefire that was established at 4:00 p.m. on #June 19, #Israeli #forces continued their #strikes on Lebanon in the very first hours after it took effect.

    france24.com/en/live-news/2026

  17. #ISRAEL-#LEBANON #CEASEFIRE, IMMEDIATELY FOLLOWED BY #BREACH ACCUSATIONS: Despite the announced ceasefire that was established at 4:00 p.m. on #June 19, #Israeli #forces continued their #strikes on Lebanon in the very first hours after it took effect.

    france24.com/en/live-news/2026

  18. Massive #breach spills #credentials for thousands of sensitive networks

    Researchers have uncovered a massive breach of #Fortinet #firewalls that has given Russian-speaking attackers near-unrestricted access to some of the world’s largest and most powerful organizations, including #Oracle , #Chevron , #Lenovo , #FederalExpress , a #NATO defense contractor, and Fortinet itself.

    Nearly 74,000 Fortinet devices from more than 21,000 IP addresses in 194 countries have been compromised and their plaintext #credentials exposed online, Bob Diachenko, a #security researcher and head of SecurityDiscovery.com, said online and in an interview. He said he found the data after gaining access to the attackers’ command-and-control server and other #infrastructure. The exposed data also included the industry, revenue, and employee count for each compromised organization.
    #russian #russia

    arstechnica.com/security/2026/

  19. Massive #breach spills #credentials for thousands of sensitive networks

    Researchers have uncovered a massive breach of #Fortinet #firewalls that has given Russian-speaking attackers near-unrestricted access to some of the world’s largest and most powerful organizations, including #Oracle , #Chevron , #Lenovo , #FederalExpress , a #NATO defense contractor, and Fortinet itself.

    Nearly 74,000 Fortinet devices from more than 21,000 IP addresses in 194 countries have been compromised and their plaintext #credentials exposed online, Bob Diachenko, a #security researcher and head of SecurityDiscovery.com, said online and in an interview. He said he found the data after gaining access to the attackers’ command-and-control server and other #infrastructure. The exposed data also included the industry, revenue, and employee count for each compromised organization.
    #russian #russia

    arstechnica.com/security/2026/

  20. I joined @huntress because I want to do my part to save the world. That's not bragging or hyperbole. I believe that, every day, in law offices and dental clinics and at construction companies and coffee shops, we're watching your back so you can concentrate on those things that you excel at, and make life better for those around you.

    As an industry we're now seeing that cybersecurity has done such a good job at this, as a whole, the attackers are now targeting us - sometimes first - and trying to throw us off our game.

    Never gonna happen. The solution to this is for the #infosec space to unify and stay strong. Not unify like "get acquired' but "get aligned" and realize that, even as competitors, we're all pressing toward the same goal: messing up a cybercriminal's day.

    I said it last summer, and it was as true this morning as it was then: The Infosec industry is a critical infrastructure, and it both needs and deserves its own #ISAC. I will work with anyone who shares that goal to help me make that a reality.

    So with all that, I wanted to share that I worked with some of my colleagues on this rapid response the past day and a half, and I'm pretty proud of the result.

    huntress.com/blog/klue-breach-

    #Klue #breach #DataBreach #RapidResponse #IR #DFIR #tokens #compromise #integration #SalesForce #SFDC #Gong #huntress

  21. I joined @huntress because I want to do my part to save the world. That's not bragging or hyperbole. I believe that, every day, in law offices and dental clinics and at construction companies and coffee shops, we're watching your back so you can concentrate on those things that you excel at, and make life better for those around you.

    As an industry we're now seeing that cybersecurity has done such a good job at this, as a whole, the attackers are now targeting us - sometimes first - and trying to throw us off our game.

    Never gonna happen. The solution to this is for the #infosec space to unify and stay strong. Not unify like "get acquired' but "get aligned" and realize that, even as competitors, we're all pressing toward the same goal: messing up a cybercriminal's day.

    I said it last summer, and it was as true this morning as it was then: The Infosec industry is a critical infrastructure, and it both needs and deserves its own #ISAC. I will work with anyone who shares that goal to help me make that a reality.

    So with all that, I wanted to share that I worked with some of my colleagues on this rapid response the past day and a half, and I'm pretty proud of the result.

    huntress.com/blog/klue-breach-

    #Klue #breach #DataBreach #RapidResponse #IR #DFIR #tokens #compromise #integration #SalesForce #SFDC #Gong #huntress

  22. Dying Light 2 acaba de receber uma nova expansão de conteúdos denominada The Breach. Esta nova expansão traz novos desafios e conteúdos ao jogo.

    🔗 tugatech.com.pt/t85323-dying-l

    #breach 

  23. Dying Light 2 acaba de receber uma nova expansão de conteúdos denominada The Breach. Esta nova expansão traz novos desafios e conteúdos ao jogo.

    🔗 tugatech.com.pt/t85323-dying-l

    #breach 

  24. I just got one of those "we've been breached" letters. Some medical thing, but it's not clear which. Names are unfamiliar. Maybe a processor or support service.

    This one said basically, "they got it all: ID's, SSN, insurance, medical condition, treatment."

    BUT, "security is important to us, so here's a free year of credit monitoring" (by a company name that I also don't recognize.)

    I trust the monitoring about zero. Some credit card banks offer it anyway. So, I have that.

    #breach #security

  25. This. This article is the answer to the question: "How to we connect customer accounts to our chatbot?" You know you'll be asked if you haven't already.

    securityweek.com/meta-says-200

    #ai #breach

  26. This. This article is the answer to the question: "How to we connect customer accounts to our chatbot?" You know you'll be asked if you haven't already.

    securityweek.com/meta-says-200

    #ai #breach

  27. My #SSN was exposed in a #breach at Columbia—a school I have no connection with

    A weird text from my dad in February sent me on a months-long quest to solve a mystery that has been troubling an odd group of victims from a #ColumbiaUniversity data breach last year. That group? People with absolutely no connection to the school.

    The text included a photo of a letter from #Columbia , informing me that I was a victim of a data breach last June, one that exposed a wide range of sensitive information, including 1.8 million #SocialSecurity numbers.
    #privacy #security

    arstechnica.com/tech-policy/20

  28. My #SSN was exposed in a #breach at Columbia—a school I have no connection with

    A weird text from my dad in February sent me on a months-long quest to solve a mystery that has been troubling an odd group of victims from a #ColumbiaUniversity data breach last year. That group? People with absolutely no connection to the school.

    The text included a photo of a letter from #Columbia , informing me that I was a victim of a data breach last June, one that exposed a wide range of sensitive information, including 1.8 million #SocialSecurity numbers.
    #privacy #security

    arstechnica.com/tech-policy/20

  29. #Dashlane is being cagey about what exactly was wrong with their automated defenses which enabled attackers to brute-force like 20 users' vaults.
    Here's my explanation of what I think happened:
    federate.social/@jik/116694985
    #infosec #breach

  30. 🔥 رائج

    📢 Carnival Corporation Data Breach Exposed Just Under 6 Million Records - شبكة تواصل الإخبارية

    🔗 news.google.com/rss/articles/C

    #Carnival #Corporation #Data #Breach #GlobalFeed #News #AR

    *تم النشر تلقائيًا بواسطة Global Feed Bot*

  31. Another leak in #korea, be careful #tving #leak #breach

    Hackers breach Tving database, exposing user data - The Korea Herald
    m.koreaherald.com/article/1076