Posts

Data Breach Notice: Bukalapak – 13,369,666 breached accounts

In March 2019, the Indonesian e-commerce website Bukalapak discovered a data breach of the organisation's backups dating back to October 2017. The incident exposed approximately 13 million unique email addresses alongside IP addresses, names and passwords stored as bcrypt and salted SHA-512 hashes. Prefer to get this by email? Sign-up to Data Breach mailing list   Stay safe out there!

“Does anyone know the password?”

Don’t let minor interruptions stop your business in 2019: If we look back at the statistics from 2018, it’s alarming to see that power interruptions accounted for 35% of disaster events (45% from hardware failure) and as the Dunder Mifflin team discovered, a minor power interruption can cause the server to reset and not being able to login to the server prevented the whole office from working… Takeaways: Do you have adequate power, surge protection and UPS equipment? Do you have [...]

Data Breach Notice: DataCamp – 760,561 breached accounts

In January 2017, the data science website DataCamp suffered a data breach. The incident exposed 760k unique email and IP addresses along with names and passwords stored as bcrypt hashes. In 2019, the data appeared listed for sale on a dark web marketplace (along with several other large breaches) and subsequently began circulating more broadly. The data was provided to HIBP by a source who requested it to be attributed to "BenjaminBlue@exploit.im". Prefer to get this by email? Sign-up to [...]

Data Breach Notice: Knuddels – 808,330 breached accounts

In September 2018, the German social media website Knuddels suffered a data breach. The incident exposed 808k unique email addresses alongside usernames, real names, the city of the person and their password in plain text. Knuddels was subsequently fined €20k for the breach. Prefer to get this by email? Sign-up to Data Breach mailing list   Stay safe out there!

1050 Default Passwords

Remember to change your default passwords! Default passwords are there for your convenience, not your hackers. Don't make their job easier by leaving devices insecure. Time and time again we meet with victims who simply forgot or didn't realise they had vulnerable equipment sitting on their network. During your assessment, we identify all the ICT equipment within your ecosystem and add it to your asset register and any login details associated with that equipment. Armed with this information you can double-check [...]

Tips for Exploring UPS Battery Backup

Uninterruptible power supply (UPS) is a type of power supply system that contains a battery to maintain power to provide power to electronics in the event of a power surge or outage. Typically UPS power keeps a personal computer (PC) running for several minutes after a power outage, enabling you to save data that is in memory and shut down the computer gracefully. Many uninterruptible power supplies now offer a software component that enables you to automate backup and shut [...]