• why are those data leaks problematic?
    • because scammers and spammers will use this data to even better scam (social engineer) the affected users
      • that is why it is essential to give those platforms (if the user needs them) as little info as possible and false birthday dates, fake phone numbers, level1 (everyone may know) passwords
    • god knows what evil-else can be done with this data
  • Microsoft Inc (NASDAQ: MSFT) owned professional network platform, linkedin.com, suffered a massive data “hack” compromising 500 million user profiles, the quint reports based on CyberNews.
    • The data extraction included users’
      • email addresses
      • phone numbers
      • workplace information
      • full names
      • account IDs
      • links to social media accounts
      • gender details
    • LinkedIn has assured the safety of private members’ data
    • LinkedIn refuted data breach allegations in its blog post.
    • According to the professional networking platform, “it is actually an aggregation of data from a number of websites and companies.”
    • “It does include publicly viewable member profile data that appears to have been scraped from LinkedIn.”
    • “This was not a LinkedIn data breach, and no private member account data from LinkedIn was included in what we’ve been able to review.”
  • This week, Facebook Inc (NASDAQ: FB) users suffered a data breach, (src of the src reuters) compromising 533 million accounts, including 6 million Indian accounts.
    • The leaked data, including:
      • joining date
      • workplace
      • names
      • gender
      • occupation
      • relationship status
    • was posted for free on hacking forums.
    • Facebook said “malicious actors” had obtained the data prior to September 2019 by “scraping” profiles using a vulnerability in the social media service’s tool to sync contacts.

      The company said it identified the issue at the time and modified the tool.

      “As a result of the action we took, we are confident that the specific issue that allowed them to scrape this data in 2019 no longer exists,” Facebook said in a blog post. (src: https://www.reuters.com/article/us-facebook-breach/facebook-says-data-on-530-million-users-scraped-before-september-2019-idUSKBN2BT307)

  • paxful.com: Peer-to-peer cryptocurrency trading platform Paxful has become the latest target of a massive data breach.

    What Happened:  According to a report from the Telegram channel ‘Information Leaks,’ a Paxful database containing

    • 4.8 million users and employee information is now available for sale on a darknet forum
    • The leak contains:
      • full names
      • email addresses
      • hashed passwords
      • IP addresses
      • digital browser fingerprints
      • In some cases:
        • phone numbers
        • addresses
        • dates of birth
  • src: https://www.benzinga.com/markets/cryptocurrency/21/04/20555694/4-8-million-user-records-leaked-from-paxful-trading-platform-on-sale-for-one-bitcoin
admin