Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
Unread Content Mark site read Home News Security & Privacy News Fortune 5
#1
Quote:Darknet forums enable cybercriminals to promote their hacking skills and trade stolen digital assets to other threat actor groups in the community. A large amount of compromised sensitive information is being dumped across various hacking forums regularly. Recently, security experts from Cybernews [color=var(--theme-link_a)]discovered an unknown hacker allegedly selling stolen credentials belonging to Adecco Group. Headquartered in Switzerland, Adecco Group is a  Fortune 500 global human resource and temporary staffing company.[/color]
 
The database kept for sale contained over five million records from six Latin American/South American countries: Peru, Brazil, Argentina, Colombia, Chile, and Ecuador.
The Leaked Data
The data dump, which was later taken down by the hacker, supposedly contained different categories of data:
  • “Candidatos_datos_personales” (candidates’ personal data) with 4,543,938 lines

  • “Candidatos_candidatos_by_email” with 3,763,836 lines

  • “Candidatos_login” with 5,321,943 lines
 
In common, all the categories exposed candidates’ sensitive information including full name, gender, marital status, birth dates, email addresses, passwords, and country of residence.
The Impact
While it is unclear why the post was taken down by the threat actor, Cybernews suspects that the database was sold out. The data could be misused for various malicious purposes, including:
  • Targeted spear-phishing attacks

  • Collecting and spamming users’ emails and phones

  • Brute-forcing users’ other online accounts
 Mitigation Measures
Cybernews also recommended certain security measures for users whose data may have been compromised in the security incident. These [color=var(--theme-link_a)]include:[/color]
  • Change your passwords immediately. You should be using a unique password for each account you create.

  • Add two-factor authentication (2FA) on your most sensitive accounts, including your primary email account. That way, even if a bad actor were able to uncover your credentials, they wouldn’t be able to get into your account.

  • Watch out for suspicious emails, as they may be phishing attempts. Avoid clicking on links from suspicious emails.

  • Watch out for suspicious activity on your financial accounts and set up identity theft monitoring.
 
Researchers suspected that the latest security incident appears to be from the same threat actors responsible for the recent VPN leaks, in which cybercriminals traded three databases that contained user credentials and device data from three Android Virtual Private Network (VPN) services – SuperVPN, GeckoVPN, and ChatVPN.


Source
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Malwarebytes Acquires AzireVPN to Strengthen Security and Privacy Offerings mrtrout 0 132 11-09-2024 , 08:42 AM
Last Post: mrtrout
  McAfee launches new all-encompassing privacy and identity security product line .. ahmed 1 1,024 09-16-2022 , 03:18 AM
Last Post: scolli23
  Unread Content Mark site read Home News Security & Privacy News AWS: Sola Bjyda 0 1,184 02-26-2021 , 11:07 PM
Last Post: Bjyda
  Pow! Emotet’s down. Is it out? MALWAREBYTES NEWS mrtrout 0 968 01-28-2021 , 03:28 AM
Last Post: mrtrout
  How can a Security Solution keep your Devices, Privacy and Personal Data Safe mrtrout 0 1,324 12-20-2020 , 01:34 AM
Last Post: mrtrout



Users browsing this thread: 2 Guest(s)