#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

password hacked | Breaking Cybersecurity News | The Hacker News

Quora Gets Hacked – 100 Million Users Data Stolen

Quora Gets Hacked – 100 Million Users Data Stolen

Dec 04, 2018
The World's most popular question-and-answer website Quora has suffered a massive data breach with unknown hackers gaining unauthorized access to potentially sensitive personal information of about 100 million of its users. Quora announced the incident late Monday after its team last Friday discovered that an unidentified malicious third-party managed to gain unauthorized access to one of its systems and stole data on approximately 100 million users—that's almost half of its entire user base. According to Adam D'Angelo, the chief executive officer and co-founder of Quora, the personal user information compromised in the breach includes: Account information , such as names, email addresses, encrypted (hashed) passwords, and data imported from linked social networks like Facebook and Twitter when authorized by users. Public content and actions , like questions, answers, comments, and upvotes. Non-public content and actions , including answer requests, downvotes,
Vevo Music Video Service Hacked — 3.12TB of Internal Data Leaked

Vevo Music Video Service Hacked — 3.12TB of Internal Data Leaked

Sep 16, 2017
OurMine is in headlines once again—this time for breaching the popular video streaming service Vevo . After hunting down social media accounts of HBO and defacing WikiLeaks website , the infamous self-proclaimed group of white hat hackers OurMine have hacked Vevo and leaked about 3.12 TB worth of internal files. Vevo is a joint venture between Sony Music Entertainment, Universal Music Group, Abu Dhabi Media, Warner Music Group, and Google's parent company Alphabet Inc. OurMine managed to get hold of Vevo's "sensitive" data including its internal office documents, videos and promotional materials after the hacking collective successfully hacked into the Vevo servers. The group then posted the stolen documents (approximately 3.12 terabytes) from Vevo on its website on late Thursday, though OurMine removed the stolen information from its website on Vevo's request. Although it's not clear what prompted OurMine to hack Vevo, the group noted on its
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
Hacker puts up 167 Million LinkedIn Passwords for Sale

Hacker puts up 167 Million LinkedIn Passwords for Sale

May 18, 2016
LinkedIn's 2012 data breach was much worse than anybody first thought. In 2012, LinkedIn suffered a massive data breach in which more than 6 Million users accounts login details, including encrypted passwords, were posted online by a Russian hacker. Now, it turns out that it was not just 6 Million users who got their login details stolen. Latest reports emerged that the 2012's LinkedIn data breach may have resulted in the online sale of sensitive account information, including emails and passwords, of about 117 Million LinkedIn users. Almost after 4 years, a hacker under the nickname "Peace" is offering for sale what he/she claims to be the database of 167 Million emails and hashed passwords, which included 117 Million already cracked passwords, belonging to LinkedIn users. The hacker, who is selling the stolen data on the illegal Dark Web marketplace " The Real Deal " for 5 Bitcoins (roughly $2,200), has spoken to Motherboard, confirming th
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
Researcher Publishes 10 Million Usernames and Passwords from Data Breaches

Researcher Publishes 10 Million Usernames and Passwords from Data Breaches

Feb 10, 2015
A security researcher has publicly released a set of 10 Million usernames and passwords, which he collected from multiple data breaches over the last decade for the purpose of his research. These 10 million usernames and passwords are collective of leaked database dumps those were already available publicly on the Internet. However, Mark Burnett, a well-known security consultant who has developed a specialty collecting and researching passwords leaked online, marked his decision to publish the password dump as legally risky, but necessary to help security researchers. WHY IS THE RESEARCHER WILLING TO SHARE PASSWORDS ? The researcher says the released set of passwords and usernames is like a sample data, which is important for other researchers to analyze and provide great insight into user behavior and is valuable for encouraging password security . Also, the researcher was frequently receiving lots of requests from students and other security researchers to submit a copy
vBulletin Forum hacked with Zero Day vulnerability, caused Macrumors Forum Data breach

vBulletin Forum hacked with Zero Day vulnerability, caused Macrumors Forum Data breach

Nov 17, 2013
Last Tuesday, Popular Mac news website MacRumors's user forums was hacked and forum database has been compromised including the username, email and passwords belonging to all 860,000 registered users. Yesterday,  Inj3ct0r Team of Exploit Database website  1337Day claimed the responsibility for the hack and also claimed that they have also hacked the official website of vBulletin Forum using a   Zero Day exploit . " Macrumors.com was based on vBulletin CMS. We use our 0day exploit vBulletin , got password moderator. 860000 user data hacked too. The network security is a myth " he told me. During the conversation, team leader told me that he has discovered a Zero Day Remote Code Execution vulnerability in vBulletin v4.x.x and 5.х.x, that allows an attacker to execute arbitrary code on the server end remotely. On their exploit marketplace they are also selling this zero day exploit with Shell Upload payload at $7000 USD. " We found a critical v
MacRumors forum hacked; more than 860,000 accounts compromised

MacRumors forum hacked; more than 860,000 accounts compromised

Nov 13, 2013
Popular Mac news and information site MacRumors user forums have been breached by hackers on Monday this week. More than 860,000 usernames, emails and hashed passwords were potentially compromised. Users are advised to users that they change their passwords on the forums, as well as any other sites or services where the same password has been used. MD5 with or without salt, to be an inadequate means of protecting stored passwords. Back in 2012, the original author of the MD5 password hash algorithm has publicly declared that MD5 is no longer considered safe to use on commercial websites. u The owner of the site, Arnold Kim, apologized for the intrusion and said that it occurred because the hacker gained access to a moderator account, which then allowed the intruder to escalate their own privileges with the goal of stealing user login credentials. " We are looking into it further to see if there was another exploit, but there hasn't been any evidence of it
50 million customers compromised in LivingSocial hack

50 million customers compromised in LivingSocial hack

Apr 27, 2013
LivingSocial, a daily deals website part-owned by Amazon Inc ., hit by a cyber attack that may have affected more than 50 million customers and will need to reset their passwords. LivingSocial says it has 70 million members worldwide. Leaked data includes names, e-mail addresses, dates of birth and encrypted passwords. Customers' credit card information and merchants' financial and banking information were not affected by the hack, LivingSocial said. So it looks like some personal info may have fallen into the wrong hands, but credit card and other financial details should be safe. The cyberattack affected LivingSocial customers in North America, Australia, New Zealand, United Kingdom, Ireland and Malaysia and its LetsBonus users in Southern Europe and Latin America. So if you're among the affected users, the hackers have just the right amount of information to phish you. The site is sending out emails to customers advising them to change their passwords.
ABC hacked after anti-Islam politician Interview

ABC hacked after anti-Islam politician Interview

Feb 27, 2013
The Australian Broadcasting Corporation (ABC) is investigating data breach after Lateline interviewed Dutch anti-Islam politician Geert Wilders. A hacker going by the handle " Phr0zenMyst " has claimed to have hacked a web site associated with the ABC television program Making Australia Happy, leaking the details of its users online. The files contain the personal email addresses, locations and genders of almost 50,000 of registered users of ABC websites, including encrypted versions of their login passwords. The data was posted in 10 separate pastebin's which can be accessed online.  There were some indications on social media sites that the attack was in retaliation for some of the ABC's recent editorial decisions. The hacker, believed to be associated with the online activist group Anonymous, wrote on Twitter, " ABC hacked for giving a platform to Geert Wilders to spread hatred #OpWilders - database leaked! " " This breach originated
Cybersecurity Resources