AI DevwWrld Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

Data breach: 560 million users involved

How to protect yourself from the consequences of a major data breach

ShinyHunters hacked Ticketmaster-Live Nation, stealing 1.3 terabytes of data from 560 million users, now for sale on the Darkweb. The stolen data includes personal and payment information. Users risk spam and phishing attacks. We recommend using 2FA and monitoring your data.

This pill is also available in Italian language

The latest exploit by the cyber criminal group known as ShinyHunters has put the security of 560 million Ticketmaster-Live Nation users at risk. The American company, famous for distributing event tickets, was the victim of an attack that led to the stealing of 1.3 terabytes of sensitive data. The compromised information includes full names, addresses, emails, phone numbers, order details and, in part, payment card information. Currently, this data is for sale on Breach Forum, one of the most well-known black markets on the Darkweb, for $500,000. ShinyHunters is a group active since 2020, already known for high-profile attacks such as those against Santander and Microsoft. Despite a recent intervention by the FBI which had closed the forum, the group managed to regain control of a seized domain, reopening the market on the Darkweb and Clearnet.

When the amount of data is not the only problem

Michael Clemente, founder of Clio Security and expert in cybersecurity, analyzed a sample of the stolen data offered for sale on the Darkweb. What is disconcerting is not so much the amount of data (although considerable), but the fact that 1.3 terabytes were stolen without raising alarms. Clemente speculated that the breach may have been detected, but not reported, to avoid damaging the company's image. In Italy, the law obliges people to report these violations, but they often prefer to "wash dirty laundry at home", hoping that the leak will not be discovered. However, cases like this demonstrate that, sooner or later, violations emerge, but when it is too late and those who pay the consequences are always the end users.

The risks associated with compromised data

There are many potential risks for users whose data has been stolen. According to Clemente, the most immediate and visible risk is represented by spam campaigns, which will flood the inboxes of compromised users. Another significant danger is phishing attacks, made even more insidious by the fact that cyber criminals have access to users' purchasing habits. This makes it easier to conduct spear-phishing attacks, which are much more targeted and effective than general phishing attacks. These risks should not be underestimated, as they can lead to further theft of personal data, financial fraud and other inconveniences for the users involved.

How to protect yourself from threats

To defend yourself from these threats, Clemente recommends some effective security measures. First, it's crucial to enable second factor authentication (2FA), which makes it harder for criminals to access accounts even if they manage to obtain the password. Furthermore, it is useful to periodically check if your email address has been involved in any data leak through services like Have I Been Pwned?. To reduce the risk, especially when registering on sites used temporarily for single purchases, it is advisable to use temporary emails generated by specific services. Overall, it's essential to take charge of protecting your data by watching out for suspicious emails, unusual phone calls, or messages that could be spear-phishing attempts. In summary, protecting your digital identity requires continuous attention and the adoption of effective preventative practices.

Follow us on Instagram for more pills like this

06/04/2024 19:57

Editorial AI

Last pills

Ransomware attack on Synnovis: London health services in crisisSevere disruption to pathology and diagnostic services in London

A new LPE exploit for Windows for sale in the undergroundA new local privilege escalation threat for Windows in the underground forums

Critical failure in Check Point VPN solutions: risks and security measuresExposure of enterprise systems: urgent updates and patches to protect networks

Massive cyberattack on Windstream home routersAn analysis of the devastating cyber attack on Windstream routers and the techniques used by the cybercriminals