Saturday, October 16, 2021

Peatix Warns Users for Attacks After Breach

Must Read

Attacks are rising in all sectors and It’s types

DDoS, net application, bot, along with other attacks have jumped exponentially in comparison to the first half of 2019,...

Polish game developer CD Projekt Red suffers a ransomware attack

Polish game developer CD Projekt Red, the maker of games such as Cyberpunk 2077 and The Witcher series, disclosed...

GoDaddy has confirmed that workers became embroiled in broader cryptocurrency attacks.

GoDaddy workers were exploited to ease attacks on multiple cryptocurrency exchanges through social engineering and phishing.Staff in the domain...

Occasions and ticketing program Peatix has cautioned users of follow-on cyber-attacks later acknowledging it endured a data breach earlier this month.

The company claimed to have been advised by a third party on November 9 that accounts information was”improperly obtained and got.

“It’s been verified that information, such as names, email addresses, salted and hashed version of passwords, nicknames, favorite languages, and states and time zones in which the accounts were made, about a number of our customers was included,” it noted.

Thankfully, since the company doesn’t store passwords in plain text or complete credit card information, the fallout in the violation ought to be rather included.

But, it’s still asking users to reset their passwords and cautioned possible follow-on credential password and stuffing spraying strikes, which suggests its encryption might be crackable.

“If your data was accessed by poor actors, they can use it to contact you (e.g. by sending you emails ) or to try to collect personal information from you by deception (called phishing attacks),” the note continued.

Paul Bischoff, the privacy advocate at Comparitech.com, contended that the amount of risk vulnerability for affected clients depends on details that have not been revealed by the business.

“Peatix hasn’t said what algorithm is used to rosemary and hash the passwords from the database, which might give us a much better indication as to if users’ passwords are in danger,” he clarified.

“I have seen lots of breaches of passwords which were hashed using deprecated algorithms like SHA1 or MD5 which may be deciphered with very little effort, therefore it’d be useful to understand what algorithm was used to reestablish those passwords”

a2434345d63481a40f0d145881b41013?s=96&d=mm&r=g
Priyanshu Vijayvargiya
Founder and Editor-in-Chief of 'Virtualattacks Inc' Priyanshu Vijayvargiya is a cybersecurity analyst, Information Security professional, developer, and a white hat hacker.

Leave a reply

Please enter your comment!
Please enter your name here

Latest News

Unified endpoint management automation software to boost endpoint security

Endpoints are constantly connected to the internet, so they offer a gateway for cyberattacks. Endpoint security is simply the process...

Attackers Using Morse Code in phishing campaign to Evade Detection

Microsoft on Thursday revealed the techniques used by attackers to avoid detection using morse code in the phishing campaign.Microsoft also revealed the workings of...

Murata Manufacturing suffers data breach of employees and customer

Japanese electronic components manufacturer Murata has released an apology Notice for the data breach of thousands of files in June that contained bank account...

Everything about Signalling System 7(SS7)

Signaling System 7 (SS7) is an international telecommunication protocol standard that controls and regulates the network elements in a public switched telephone network (PSTN)....

Zimbra flaw lets attackers access the mail servers

Researchers discovered a flaw in the open-source Zimbra code. As a result, an attacker would gain unrestricted access to all sent and received emails...

More Articles Like This