Archive for May 28, 2025

LexisNexis Pwned With The Personal Data Of 360,000 Out In The Wild

Posted in Commentary with tags on May 28, 2025 by itnerd

It was confirmed today that information belonging to more than 360,000 people was leaked in a data breach affecting an arm of the analytics giant LexisNexis.

The breach occurred on December 25th, but LexisNexis only discovered it on April 1st, 2025, and is just starting to notify people. The company says it “promptly launched an investigation” and “notified law enforcement” once it discovered the breach, adding that the types of information exposed “varied by affected individual.”

LexisNexis spokesperson Jennifer Richman told TechCrunch that an attacker obtained the data through the firm’s GitHub account. Neither LexisNexis nor GitHub immediately responded to The Verge’s request for comment.

LexisNexis is one of the biggest data brokers in the US, as it works to collect and sell vast amounts of personal information for fraud and risk assessment. Last year, LexisNexis was named in a report from The New York Times, which found that automakers had been sharing driving data with the firm that the firm then sold to insurance companies, leading to higher premiums for the drivers. Other than serving as a data broker, LexisNexis also offers access to a database of news articles, public records, and legal documents.

Chris Hauk, Consumer Privacy Champion at Pixel Privacy, had this to say:

“Data breaches like this one underscore the need for users to remove their personal data from as many data brokers as possible. Data brokers are popular targets among the bad actors of the world, as they are literal treasure troves of personal and often financial information. This one is particularly troubling due to what was exposed, including driver’s license and Social Security numbers, as well as date of birth. This information is of value to hackers, as it can be used to open fraudulent accounts in the victim’s name, and it can also be used to gain access to current financial accounts.”

“There needs to be more legislation as to how data brokers collect, store, and share and sell users’ information. Personally, I am not a fan of LexisNexis, following the retaliation it conducted against the group of users that filed a class action lawsuit against the company last year, by freezing their credit and falsely reporting them as identity theft victims. This is uncalled for and is what should be considered criminal conduct. At the very least, it was childish.”

A data breach at a company like LexisNexis is not just bad news; it’s horrible news. The damage it creates is potentially huge and underscores why personal data needs to be better controlled.

UPDATE: James McQuiggan, security awareness advocate at KnowBe4, added this comment:

“Third-party integrations can expose organizations to serious risk. When sensitive data flows through external platforms, oversight must match internal standards. Token misuse, shared credentials, and poor API security create vulnerabilities that attackers exploit without breaching your perimeter.

Security questionnaires and audits often miss insecure development practices in vendor tools. Many organizations trust integrations by default without visibility into how data is accessed or stored. Vendor risk is operational risk, and short-lived API tokens can be considered. Organizations and security teams should build incident response plans that account for data leaks caused by third parties, not just direct attacks. You can’t outsource responsibility without oversight.”

KnowBe4 Named to Newsweek’s List of the 2025 Global Most Loved Workplaces

Posted in Commentary with tags on May 28, 2025 by itnerd

Newsweek Magazine today announced the 2025 Top 100 Global Most Loved Workplaces®, developed in partnership with Most Loved Workplace®, a division of Best Practice Institute (BPI). KnowBe4 was ranked #51 on this prestigious list, which highlights companies across the globe where employees genuinely love to work.

Now in its third year, the Top 100 Global Most Loved Workplaces® list is based on research from BPI’s Love of Workplace Index®, drawing on data from more than two million employees worldwide. Companies featured have demonstrated extraordinary commitment to building cultures of trust, respect, purpose, and employee connection, regardless of size, location, or industry.

The ranking is informed by employee perspectives in five key areas: how positive employees feel about their future at the company, career achievement, alignment of employer values with employee values, respect at all levels, and collaboration. Additional factors—such as diversity and belonging, leadership, and professional development—were also evaluated in relation to these core sentiment drivers.

To view the complete 2025 Global Most Loved Workplaces® list, visit https://rankings.newsweek.com/global-most-loved-workplaces-2025.

Methodology

The 2025 Global Most Loved Workplaces® list was developed in partnership with Best Practice Institute (BPI) using its proprietary Love of Workplace Index®, which includes direct employee survey responses and analysis across five core sentiment areas: employee satisfaction with future vision, career achievement, values alignment, respect, and collaboration. More than two million employees worldwide were surveyed across companies ranging in size from 10 to over 10,000 employees. Additional evaluation included written submissions and interviews with several hundred company executives, along with analysis of external public ratings. Newsweek’s global editorial team then conducted independent research to finalize the list—recognizing companies that place trust, belonging, and respect at the center of their business and workplace culture.

Massive data leak exposes 1.6M Etsy and other TikTok shop customers’ details

Posted in Commentary with tags on May 28, 2025 by itnerd

The Cybernews research team has uncovered a major data breach affecting 1.6 million customers of Etsy, Poshmark, and other TikTok shops, primarily in the U.S., with some affected users in Canada and Australia.

Two exposed instances revealed shipping confirmation emails in HTML format, exposing personal information such as full names and addresses.

What data was leaked?

  • Full names
  • Home addresses
  • Email addresses
  • Shipping order details

Why is an Etsy shipping email leak dangerous?

  • Attackers could impersonate Etsy or shipping providers to launch convincing phishing campaigns.
  • Leaked order details make fraudulent emails appear legitimate, increasing the success rate of scams.
  • Access to email and shipping info enables social engineering tactics to extract additional personal or financial data from victims.

To read the full research report, please click here.

Radiant Logic Unveils Real-Time Identity Observability Capabilities to its Identity Security Posture Management Platform

Posted in Commentary with tags on May 28, 2025 by itnerd

Radiant Logic today announced its new Identity Observability features as part of the RadiantOne platform. As identity remains the dominant attack vector for cybercriminals, the latest enhancements to the RadiantOne platform deliver real-time visibility and context into the entire Identity and Access Management (IAM) ecosystem—empowering organizations to proactively detect, prioritize and remediate risks before they are exploited.

Gartner®, in its 2025 Guidance for Comprehensive IAM Architecture Strategy, recommends that organizations “Invest in a centralized identity and access data platform that integrates discovery tools across all IAM layers to aggregate, correlate and reconcile identity and access data. Implement emerging artificial intelligence (AI)-driven identity and access intelligence solutions to enhance observability and automation to quickly remedy vulnerabilities or facilitate a response to identity threats.”

RadiantOne discovers, correlates and unifies all human and non-human identity data through a centralized, AI-powered platform that delivers real-time visibility and risk remediation across an organization’s hybrid and multi-cloud environments.

RadiantOne key features include:

  • Real-Time Discovery and Observability: Continuously monitors identity systems, change events and access paths—alerting teams to anomalies and deviations from policy.
  • Unified Visibility Across the Identity Stack: Provides a graph-based, semantic model of the entire identity ecosystem, including Active Directory, LDAP, on-premises apps, Entra Identity, SaaS apps and more.
  • Dynamic Risk Scoring: Uses advanced heuristics and pattern recognition to evaluate the maturity and risk of identities and access relationships.
  • AI-Driven Remediation with AIDA: The AI Data Assistant (AIDA) analyzes complex identity relationships, recommends corrective actions, and facilitates collaborative remediation with line managers and resource owners.
  • Dashboards and Reporting: Offers real-time identity hygiene monitoring, rich reporting, and maturity assessments to guide policy enforcement and compliance.

Deployed as a SaaS solution or in a self-managed environment, the RadiantOne platform fits seamlessly into enterprise architectures and accelerates the time-to-value for identity-first security initiatives such as IAM, IGA, and Zero Trust—without the need to rip and replace.

Darktrace uncovers novel botnet targeting IoT devices

Posted in Commentary with tags on May 28, 2025 by itnerd

Darktrace researchers have identified a novel Go-based Linux botnet named “PumaBot” targeting embedded Linux IoT devices – notably, the malware checks for the presence of the string “Pumatronix”, a manufacturer of surveillance and traffic camera systems.

Unlike typical botnets that scan the entire internet, PumaBot uses a remote command-and-control (C2) server to get a list of devices to attack. It gains access by brute-forcing credentials and then disguises itself as legitimate software to avoid detection. The malware establishes persistence, creates multiple backdoors and performs checks to avoid honeypots or other restricted environments, suggesting a sophisticated campaign to establish long-term access to these systems.

You can read this blog post here.

Introducing dmarcian

Posted in Commentary with tags on May 28, 2025 by itnerd

Founded in 2012 by the primary author of the DMARC specification, dmarcian is a mission-driven company working to upgrade the entire world’s email by making DMARC accessible to all through free resources, educational guides, superior tooling and knowledgeable deployment support. They bring together thousands of senders, vendors, and operators in a common effort to build DMARC into the email ecosystem. By staying focused on its mission, dmarcian is able to keep discovering the challenges that everyone faces while deploying DMARC and to help make the process as easy as possible.

Best in Class Tooling
dmarcian was formed at the birth of DMARC, offering the first public tooling to help people understand and deploy the control effectively. They created dmarc.io as a free, comprehensive listing of sources (any entity that can send email on behalf of a domain) and their capabilities to support DMARC, DKIM and SPF. Such clarity allows for deployment without disrupting an organization’s most vital business resource—their email.

Their SaaS platform takes the reports generated by DMARC and enhances them with a powerful source-classification engine, giving clear insight and actionable steps for a smooth deployment. The DMARC Management Platform offers extensive alerting and reporting so organizations are able to keep their domain catalogs safe and to efficiently deploy new email-based services.

DMARC Academy
To advance their mission, dmarcian launched DMARC Academy, the first free, comprehensive DMARC curriculum, in May 2022. DMARC Academy provides an opportunity to understand DMARC and its underlying technologies, SPF and DKIM, and how to effectively deploy these technologies across organizations of all sizes to protect domains from phishing and abuse.

Proudly Independent & Self-Funded
dmarcian has expert staff around the world. With offices in key locations covering the Americas, EMEA, and APAC, they are able to meet people where they are and in their time zones while data remains local and in compliance with regulations.

As a self-funded organization with a mission to help people deploy DMARC, dmarcian concentrates on making email more trustworthy by helping the people who are doing the real work of making it safe—not venture capitalists or investors. Being mission-driven advocates for safer and more reliable email has made dmarcian a trusted advisor among governments and working groups globally.

Business as a Force for Good
dmarcian is a certified B Corporation, reflecting the values and operating principles upon which it was founded. B Corp certification is to sustainable business what Fair Trade certification is to coffee or USDA Organic certification is to produce. dmarcian continues to stand as a steward of the environment, its employees, and the communities it serves.

“It’s one thing to be part of a successful company, but when we use that success for the greater good—to connect to each other, to the community around us, and to the larger environment—it elevates that success beyond bettering ourselves and turns it into lasting change for a better world,” says Ehrow Draegen, dmarcian Chief Executive Officer.