12/25/2023 0 Comments Linkedin data breach 2022In response to the incidents, T-Mobile shared the following statement with KrebsOnSecurity: As some of the gang members argued over whether to focus on the SIM swapping tactic, one person used the access to run an automated script that downloaded more than 30,000 source code repositories from T-Mobile. Using T-Mobile VPN credentials purchased on the dark web, the Lapsus$ members were able to gain access to Atlas, a T-Mobile tool for managing customer accounts, according to KrebsOnSecurity. SEE: Mobile device security policy (TechRepublic Premium) Must-read security coverageĪtlas VPN Review (2023): Features, Pricing, AlternativesĪustralia, New Zealand Enterprises Spend Big on Security - But Will It Be Enough? Known as SIM swapping, this tactic reassigns a phone number to a device owned by the attackers, allowing them to intercept text messages and phone calls for password resets and multi-factor authentication codes. In a post from Friday, security site KrebsOnSecurity revealed leaked chat messages between members of the Lapsus$ gang in which they discussed targeting T-Mobile employees with social engineering tactics designed to give them access to a victim’s mobile phone number. T-Mobile was the victim of a series of data breaches carried out by the Lapsus$ cybercrime group in March. Through multiple breaches, the Lapsus$ cybercriminal group was able to steal source code from T-Mobile, says KrebsOnSecurity. Users should also enable Linkedin’s two step verification to add an extra layer of protection for their accounts.T-Mobile hit by data breaches from Lapsus$ extortion group Regular changing of passwords should also be practiced. Linkedin users who have used the service for over 4 years are recommended to change passwords immediately. In the meantime, we are using automated tools to attempt to identify and block any suspicious activity that might occur on affected accounts.” Scott added, “We have demanded that parties cease making stolen password data available and will evaluate potential legal action if they fail to comply. Regarding the additional data reported from the same breach, Scott said the company has started invalidating the passwords for all LinkedIn accounts created before 2012 that haven’t changed passwords since the breach. For several years, we have hashed and salted every password in our database, and we have offered protection tools such as email challenges and dual factor authentication.” LinkedIn’s Chief Information Security Officer Cory Scott said, “We take the safety and security of our members’ accounts seriously. His respondents verified that the passwords in the breach were the ones that they were using at the time of the initial breach.Īn official statement from LinkedIn said it is aware of the situation, and its immediate response included a mandatory reset of accounts believed to be compromised. Troy Hunt, researcher from the breach notification site Have I Been Pwned? contacted victims of the data breach. Shared samples of the database was shared to Motherboard by LeakedSource and showed that the database comprised of email addresses, passwords, and the hacked passwords. Both Peace and LeackedSource claim that the database contains 167 million accounts with 117 cracked passwords, and not just 6.5 million, as was previously reported. Paid hacked data search engine LeakedSource also claims that they too have the data. Now, a hacker named “Peace” is selling the stolen database for 5 bitcoin, or close to 2,200 USD. It was later discovered that 6.5 million account credentials were posted on a Russian password forum for the world to see. In 2012, Linkedin suffered a data breach where hackers were found to have stolen password hashes. Long time users of Linkedin users may very well need to change their passwords once more as a cybercriminal puts the email addresses and passwords of 117 million users up for sale.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |