Archive for February 13, 2019

This Latest Data Breach Has 617 Million People Affected…. Sadly, That’s Not Big Anymore

Posted in Commentary with tags on February 13, 2019 by itnerd

Another day, another data breach. This time The Register has news on a data breach that affects….. wait for it…. At least 617 million accounts:

Some 617 million online account details stolen from 16 hacked websites are on sale from today on the dark web, according to the data trove’s seller.

For less than $20,000 in Bitcoin, it is claimed, the following pilfered account databases can be purchased from the Dream Market cyber-souk, located in the Tor network:

Dubsmash (162 million), MyFitnessPal (151 million), MyHeritage (92 million), ShareThis (41 million), HauteLook (28 million), Animoto (25 million), EyeEm (22 million), 8fit (20 million), Whitepages (18 million), Fotolog (16 million), 500px (15 million), Armor Games (11 million), BookMate (8 million), CoffeeMeetsBagel (6 million), Artsy (1 million), and DataCamp (700,000).

It’s been confirmed that the data breach is real and affected sites are alerting their users and taking measures to try and protect their users. And the fact that the data is up for sale means that the effects will go on for months and years. Still, it’s not as big as the data breach that involved 2.2 billion accounts that came to light earlier this year. But it is still scary.

As for how you can protect yourself, you can visit Hunt’s Have I Been Pwned service to see if you are affected by this breach.

 

Advertisements

TekSavvy Calls On CRTC To Correct Flawed Report And Explain Missing Data

Posted in Commentary with tags on February 13, 2019 by itnerd

TekSavvy Solutions Inc. today issued a letter which can be found at https://teksavvy.com/Media/Default/Regulatory/TekSavvy-Letter-CRTC-CMR2018.pdf [Warning: PDF] to the CRTC calling for greater transparency and disclosure regarding its Communications Monitoring Report, published on 20 December 2018.

At the heart of the CRTC’s mandate is to serve the public interest by consulting and informing Canadians about its work.  Published annually by the CRTC, the Communications Monitoring Report provides comprehensive data and analysis about Canada’s communications sector. Each edition of the report serves as an important source of public evidence to inform Canadians and enable them to participate meaningfully in the CRTC’s proceedings.

The 2018 Report did not follow standard practices, which the CRTC applied in past reports to ensure high-quality data and relevant evidence for its proceedings.  In particular, the 2018 Report omitted important data that had been included in past reports and repeatedly cited as key evidence in an open proceeding when the 2018 Report was published and such data was omitted from it.

Here’s some commentary from Andy Kaplan-Myrth, TekSavvy’s VP, Regulatory & Carrier Affairs:

“The CRTC has long recognized that the annual Communications Monitoring Report serves a vital public purpose: to provide Canadians with the information they require to effectively participate in its proceedings. Without explanation, the 2018 Communications Monitoring Report broke with standards that the CRTC itself deemed necessary for past reports to fulfill that purpose.”

“We’re asking the CRTC to explain these changes and omissions, to provide more information about the standards it applied to this latest edition, and to issue an amendment to the 2018 Report that presents all omitted data as transparently as possible”

VFEmail.net Pwned…. ALL Customer Emails Deleted

Posted in Commentary with tags on February 13, 2019 by itnerd

Hackers have breached the severs of email provider VFEmail.net and wiped the data from all its US servers, destroying all US customers’ data in the process:

The attack took place yesterday, February 11, and was detected after the company’s site and webmail client went down without notice. “At this time, the attacker has formatted all the disks on every server,” the company said yesterday. “Every VM is lost. Every file server is lost, every backup server is lost. This was more than a multi-password via SSH exploit, and there was no ransom. Just attack and destroy,” VFEmail said. The company’s staff is now working to recover user emails, but as things stand right now, all data for US customers appears to have been deleted for good and gone into /dev/null.

/dev/null is a UNIX/LINUX term for a deletion point with little to no hope of recovery. Think of a trash can that burns anything put into it. Which means that any customer who hosted email on this platform is likely screwed. I have to admit that I was blown away by the scale of this attack, and the fact that it was an attack in the purest sense. I can’t recall seeing anything like this before. I have to wonder if this is the start of a trend.

Another thing that popped to mind. Why did this happen in the first place? Why was this firm a target for this attack? I guess we’ll never know that.