500K Zoom Accounts Discovered for Sale on the Dark Web

online video conference

What Happened?

As organizations move to remote work during the COVID-19 crisis, online communications have become essential. Online audio, web and video conferencing tool usage have increased 400% in only one month, according to AT&T. This new popularity for virtual meetings has also seen a multitude of security exploitations on popular video conferencing sites like Zoom.

On April 14, 2020, over 500,000 Zoom account credentials were found for sale on the Dark Web. The information available for purchase include the user’s email address, password, personal meeting URL, and their Zoom Host Key — all being sold for less than a penny each. In some cases, the account credentials were being offered for free. The account details were obtained through credential stuffing attacks, where cyberthieves use emails and passwords previously exposed in other, non-related data breaches, to attempt access into other sites.

Continue reading

Landry’s Suffers Malware Attack, Payment Data Exposed

What Happened?

On January 2, 2020, dining and entertainment conglomerate, Landry’s, announced a point-of-sale malware attack that targeted customers’ payment card data – the company’s second data breach since 2015. Landry’s owns over 600 popular American restaurants across the U.S., including Del Frisco’s Grill, Joe’s Crab Shack, Bubba Gump, Rainforest Café and more; 63 of Landry’s restaurant brands were impacted by the malware. The number of customers affected by the breach has not been disclosed, but the malicious code is expected to have picked up payment details from credit and debit cards swiped on Landry’s order entry systems occurring between March 13 and October 17, 2019. The hacked Personally Identifiable Information (PII) included credit and debit card numbers, expiration dates, verification codes and cardholder names. Continue reading

Facebook Exposes 267 Million User Credentials, Wawa Payment Systems Breached

What Happened?

On December 19, 2019, Facebook came under fire once again, when over 267 million records belonging to the social site were found on an unsecured webpage. This is at least the third time in 2019 that Facebook has been in the news for leaving its users’ data unprotected. The exposed database disclosed names, Facebook IDs, and phone numbers of Facebook users, and was available to cybercriminals for two weeks or more. Continue reading

Apollo Breach Exposes Over 200 Million

What happened?

Apollo, a company who provides sales engagement solutions to its clients, recently confirmed a massive data breach – first discovered in July 2018 – affecting over 200 million of its contacts.

Hackers gained access to Apollo’s prospect databases to steal names, job titles, employers, social media handles, phone numbers, email addresses and other business contact information. 

Continue reading