500K Zoom Accounts Discovered for Sale on the Dark Web

online video conference

What Happened?

As organizations move to remote work during the COVID-19 crisis, online communications have become essential. Online audio, web and video conferencing tool usage have increased 400% in only one month, according to AT&T. This new popularity for virtual meetings has also seen a multitude of security exploitations on popular video conferencing sites like Zoom.

On April 14, 2020, over 500,000 Zoom account credentials were found for sale on the Dark Web. The information available for purchase include the user’s email address, password, personal meeting URL, and their Zoom Host Key — all being sold for less than a penny each. In some cases, the account credentials were being offered for free. The account details were obtained through credential stuffing attacks, where cyberthieves use emails and passwords previously exposed in other, non-related data breaches, to attempt access into other sites.

Continue reading

Facebook Exposes 267 Million User Credentials, Wawa Payment Systems Breached

What Happened?

On December 19, 2019, Facebook came under fire once again, when over 267 million records belonging to the social site were found on an unsecured webpage. This is at least the third time in 2019 that Facebook has been in the news for leaving its users’ data unprotected. The exposed database disclosed names, Facebook IDs, and phone numbers of Facebook users, and was available to cybercriminals for two weeks or more. Continue reading

There’s No Expiration Date for Your Data on the Dark Web

Frozen Clock represents No Expiration Date Data Dark Web

With data breaches impacting organizations on what seems like a daily basis, there’s a very good chance that your personal information has been compromised — and once it is leaked onto the Dark Web, you are vulnerable forever. According to the 2018 End-of-Year Data Breach Report, the total number of data breaches decreased in 2018, however, the number of stolen records climbed more than 126 percent. Not only is that a significant increase in the amount of Personal Identifiable Information (PII) that is now in the hands of cybercriminals, but it is also an indication that breaches have become larger, exposing more pieces of data per incident. Continue reading