Category: Data Breach

May 30, 2019

Binance Crypto Exchange Hacked

BINANCE is one of the world’s biggest cryptocurrency exchanges I.e. an exchange for online currencies such as Bitcoin, Ethereum, Ripple etc. . Hackers patiently built up information and hacked into the services and stole stole 7,000 bitcoin (about $40 million) — but also stole user security codes (two-factor authentication codes and API tokens) which can lead to further thefts.

Binance CEO Zhao Changpeng said “The hackers used a variety of techniques, including phishing, viruses and other attacks”. “The hackers had the patience to wait, and execute well-orchestrated actions through multiple seemingly independent accounts at the most opportune time. The transaction was structured in a way that passed our existing security checks.”

The hackers compromised multiple high-net-worth accounts, whose Bitcoin was kept in Binance’s hot wallet—which, unlike cold wallets, are connected to the internet. Anyone who keeps their Bitcoin in a Binance hot wallet should change that immediately.

The hackers got access to security codes for some users and that means they may still control certain user accounts and may use those to influence prices. Binance say they will monitor the situation closely.

Cyber currencies still seem a little like the Wild West and are taking a long time to become mainstream and become as safe as mainstream currency.

If you have any experiences with crypto-currencies do let me know, by email.

February 7, 2019

Massive Data Release on Internet

Collection #1 is a data set that was dumped onto the Internet. It contains 773 million email IDs and 21 million passwords and anybody can see the data.

Security researcher Troy Hunt runs the Have I Been Pwned website that lets people check if their email address has been in a data breach and he has analysed the data and uploaded it to his website haveibeenpwned.com so anyone can check if their details are included in this or any other high profile data breach. He does make the actual data available to anybody.

His analysis shows that Collection #1 is a set of email addresses and passwords totalling 2,692,818,238 rows. It’s made up of many different individual data breaches from literally thousands of different sources”

After cleaning the data and removing duplicates, it seems that 772,904,991 unique email addresses, along with 21,222,975 unique passwords are available in plain text. This does not include passwords that were found still in their hashed form.

Importantly, anyone who gets their hands on the cache can easily test the plain-text passwords against actual accounts. Approximately 140 million email accounts and some 10.6 million passwords were not known from past breaches.

If one or more of your accounts are in this data breach, then it is likely that one or more of your old passwords are available for others to see. Make sure you are not still using passwords from years ago.

Check if your accounts are included in the breach and if necessary change passwords and delete unnecessary accounts.

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.

December 28, 2018

Morrison’s to Pay Staff after Data Breach

In 2014, the personal details of thousands of Morrison’s staff including salaries, bank account details and home addresses were stolen and published online.

At the time, Morrisons said that all the staff details published were put on an unspecified location on the web for a few hours and were taken down immediately when they were discovered. It said in a statement: “We can confirm there has been no loss of customer data and no colleague will be left financially disadvantaged.” It was working with police to identify the source of the theft.

The hacker posted the information – including names, addresses, bank account details and salaries – online and sent it to newspapers.

It turned out that it was an employee, Andrew Skelton, who had posted the data online. He was caught and jailed for eight years in 2015 after being found guilty at Bradford Crown Court of fraud, securing unauthorised access to computer material and disclosing personal data.

However, Morrisons faced a huge payout to staff whose personal data were posted on the Internet after workers brought a claim against the company for “upset and distress”.

The High Court ruling that Morrisons is liable for the data breach then the Court of Appeal upheld the original decision against the supermarket. Morrisons said it would now appeal to the Supreme Court.

This case is the first data leak class action in the UK.

Morrisons had argued that it could not be held liable for the criminal misuse of its data, but three Court of Appeal judges rejected the company’s appeal, saying they agreed with the High Court’s earlier decision.

They said Morrisons was “vicariously liable for the offences committed by Mr Skelton against the claimants”.

Skelton was given eight years in prison for fraud, securing unauthorised access to computer material and disclosing personal data at a criminal trial in 2015.

The case continues.

If you have any experiences with scammers, spammers or time-waster do let me know, by email.

December 17, 2018

Advanced Online Blackmail Scam

Online blackmail scams are a class of scam emails that attempt to force people into paying money to prevent disclosure of their online activities. The scam works by leading the recipient to believe their computer has been hacked and their secrets recorded on video by the scammer.

The scammer then threatens to release those videos to the public, to the recipient’s friends and family, social media friends etc.

In almost all cases, the scammer knows nothing beyond the recipients email address, so the whole thing is a hoax but it does lead some people to pay up (in Bitcoins, anonymously).

However, some scammers go to the trouble of buying personal details from other criminals to make their blackmail seem more believable.

Imagine you receive a threatening email but the scammer knows your password, which accounts you have, date of birth, family names or similar then the whole hoax becomes a lot more believable.

BUT, the scammer has not hacked your computer – they have simply bought that information. They get their information mostly from data breaches – the hackers sell this data to other criminals.

You may think your details have never been involved in a data breach (as you’ve never been told that your data was compromised) but if you want to be sure then check the website https://haveibeenpwned.com/ and input your email address. It will tell you which (if any) data breaches your email address was involved in and you may be surprised.

The data the criminal has may well be out of date so you may find the password they quote in the blackmail is an old one that you have previously changed, but if the password quoted is currently valid then you need to take precautions immediately in case the criminal tries to use your accounts.

The emails are very general – trying to scare the recipient into believing that the sender has found something that the recipient cannot allow to be disclosed to the public or to their family and friends.

Clearly, this wont work on many people, but for the scammers it’s a numbers game. They hope by sending out huge numbers of these emails randomly they will hit some people frightened enough to pay up.

The email title is something like “Your life can be destroyed – everything is in your hands”

The message contains badly written sentences designed to frighten but be general enough to potentially include as many people as possible.

e.g.

“I uploaded the malicious program on your system”

“I pilfered all privy background from your system”

“I have more compromising evidence”

“After adjusting, your camera shot the videotape of you”

“My malware collected all your social and work contacts”

“When I get transaction I will destroy all evidence in perpetuity”

The scammer wants a payment in Bitcoins and sets a short time limit for the payment.

I hope that no-one responds to this attempted blackmail, but who knows.

Do leave a comment on this post – click on the post title then scroll down to leave your comment.

December 3, 2018

Marriot Hotels Data Breach

The personal information of Marriot Hotel group customers has been hacked. This started in 2014 and has only just been found out.

It may affect up to 500 million people. The company do not yet know the exact number but they have started to email all those thought to have been affected.

Marriot is providing all US, Canadian and British customers with free use of the WebWatcher internet security service which can monitor your Internet devices.

The data stolen includes name, address, phone number, email address, passport number, date of birth, hotel stay information and possibly more. It also includes financial information for some customers.

This is an extremely serious data breach and may lead to financial theft and identity theft.

Law enforcement agencies are investigating what happened but it may time for the picture to become clear.

Many hackers use a long slow approach to siphoning out data from a company and it can very difficult to determine exactly what they took.

If your data has been stolen then you will be contacted by Marriot.

However, scammers will also send out fake messages claiming to from Marriot about the data breach so if you have been a Marriot customer since 2014 then be careful with any messages or calls you receive.

What Can You Do?

Check the website setup by Marriot about this at answers.kroll.co.uk
You can call their support line on 0808 189 1065 if concerned
Check your payment card transactions regularly and look for anything out of the ordinary
If your login and password have been used on other accounts then consider changing them

If you have had any problems with your data being compromised – do let me know by email.