Building a Culture of Security for Your Organization

Why Workplace Security Depends on Employees

October is National Cybersecurity Awareness Month (NCSAM), and since its inception more than 17 years ago, it has been led by the U.S. Department of Homeland Security and the National Cybersecurity Alliance. This year’s theme encourages you and your organization to “Do Your Part. #BeCyberSmart.”, referring to implementing stronger security practices, raising community awareness, educating vulnerable audiences, or training employees. Continue reading

When a Corporate Data Breach Happens: Critical Next Steps

Corporate Breach Response

What if my Business is Next?

Regardless of cybersecurity proficiency, no organization is safe from data breaches. That’s why it’s critical that every business develops and documents an Incident Response Plan. Your response plan will outline steps your organization should take if you suspect data has been compromised. The quicker your business follows the plan, the better off you will be, and you will be in a position to mitigate the impact the data loss will have on your business. Continue reading

Scraped and Exposed | 235 Million Profiles from Instagram, TikTok, and YouTube Found Online

Woman looking through social media profiles

What Happened

On August 19, 2020, researchers at Comparitech uncovered an unsecured database with 235 million Instagram, TikTok, and YouTube user profiles exposed online. The ownership of this latest data leak was traced to a defunct social media data broker, Deep Social, who forwarded the breach notification to Social Data. Continue reading

386 Million User Records from 18 Companies Leaked for Free

computer hacker selling PII on dark web

What Happened?

It was just recently confirmed that starting on July 21, 2020, multiple databases containing the stolen information of over 386 million consumers were posted online in a hacker forum — all for free. The exposed information was stolen from eighteen companies, including Wattpad (270 million user records), Mathway.com (25.8 million user records), Promo.com (22 million user records), and Drizly.com (2.4 million user records) through past data breaches. Many of the 18 companies involved in this data leak have announced security incidents had occurred in 2020, but several remain unknown or undisclosed. The Personally Identifiable Information (PII) in each database varies, but typically contain names, user names, email addresses, and hashed passwords. Hashed passwords can be deciphered, further exposing a breach victim to account takeover and credential stuffing attacks. Continue reading