What is the Common Vulnerability Scoring System? The Common Vulnerability Scoring System (CVSS) is a public framework for rating the severity of security […]
What is the Common Vulnerability Scoring System? The Common Vulnerability Scoring System (CVSS) is a public framework for rating the severity of security […]
In January 2023, Pitt Meadows School District 42 in British Columbia suffered a data breach. The incident exposed the names and email addresses of approximately 19k students and staff which were consequently redistributed on a popular hacking forum.
In January 2023, the UK-based ice skating rink booking service Planet Ice suffered a data breach. The incident exposed the personal data of 240k people including email and physical addresses, phone numbers, genders, dates of birth and passwords stored as MD5 hashes. The data also included the names, genders and dates of birth of children having parties.
What is a zero-day (computer)? A zero-day is a security flaw in software, hardware or firmware that is unknown to […]
Role-based training is playing a bigger and bigger role in the world of security awareness and managing human risk.
What is a backdoor? A backdoor attack is a way to access a computer system or encrypted data that bypasses […]
In January 2023, the online Norwegian store KomplettFritid was reported as having had a data breach dating back to February 2021. The incident exposed 140k customer records including physical, email and IP addresses, names, phone numbers and passwords. Most passwords were stored as bcrypt hashes with a small number appearing in plain text.
In January 2023, 1.4M records from the Autotrader online vehicle marketplace appeared on a popular hacking forum. Autotrader stated that the “data in question relates to aged listing data that was generally publicly available on our site at the time and open to automated collection methods”. The data contained 20k unique email addresses alongside physical addresses and phone numbers of dealers and vehicle details including VIN numbers. The data was provided to HIBP by a source who requested it be attributed to “IntelBroker”.
In January 2023, the Japanese arm of Zurich insurance suffered a data breach that exposed 2.6M customer records with over 756k unique email addresses. The data was subsequently posted to a popular hacking forum and also included names, genders, dates of birth and details of insured vehicles. The data was provided to HIBP by a source who requested it be attributed to “IntelBroker”.
By What is Heartbleed? Heartbleed was a vulnerability in some implementations of OpenSSL, an open source cryptographic library. It was […]