Latest Threat Research: Technical Analysis: Killer Ultra Malware Targeting EDR Products in Ransomware Attacks

Get Informed


LiveAuctioneers Data Breach

LiveAuctioneers, a worldwide auction site, disclosed a data breach after a breach broker started selling 3.4 million stolen user records online. The data is claimed to contain email addresses, usernames, MD5 hashed passwords, names, phone numbers, physical addresses, IP addresses, and social media profiles. BleepingComputer was informed by the data broker that the database is being sold for $2500. It is also claimed that about three million of the passwords have been decrypted, which is included in the sale. LiveAuctioneers stated that the data was stolen from a third-party data processing company, credit card information was not included in the breach, and that bidding history was not likely affected.

Analyst Notes

In response to this breach, the auction site disabled all bidder passwords and is forcing a reset. LiveAuctioneers users should make their new password more complex through the use of uppercase and lowercase letters, numbers and special characters. The new password should also be unique to the login and not shared with any other accounts. Any attacker who purchases this data will most likely use it with automated password-checking software that can attempt to log in to social media, email and online banking or tax preparation websites using the passwords from this data breach or similar passwords. For any of the breached records that used a work email address, attackers might also try to log on to the company’s Office 365, VPN, or other online resources used by the company on the same domain name. Affected people should also be on the lookout for targeted phishing campaigns as this information is a treasure trove for online criminals. Companies should monitor data breaches to detect any use of their employees’ email addresses and reset leaked passwords if the same password is used to access company resources. Experience has shown that many employees use the same or very similar passwords across many websites.

Source Article: