Neopets, the virtual pet website has disclosed a data breach. The breach was initially confirmed on July 20th, 2022, on Discord by a Neopets representative after it was reported on a community site. Neopets then tweeted about the event and posted a message on their customer forum as well. A portion of that statement read, “Neopets recently became aware that customer data may have been stolen. We immediately launched an investigation assisted by a leading forensics firm. We are also engaging law enforcement and enhancing the protections for our systems and our user data.” The information that was accessed is already for sale on a criminal forum, with the threat actor claiming to have information such as email addresses and passwords as well as live access to the database. The full scope of the breach is unknown and there is some speculation that payment information may be included also, but that has not been confirmed. Requests for additional information have not been answered by Neopets thus far.
Using Microsoft Sentinel to Detect Confluence CVE-2022-26134 Exploitation
By Akshay Rohatgi and Randy Pargman About this Student Research Project Binary Defense’s mission is