A_W_S: A hacker who goes by the moniker A_W_S is selling the data of 21 million Mixcloud users online for $2,000. A_W_S claimed to have breached the online music service in early November and began contacting journalists on November 29th to share details of the hack. The samples sent to journalists by the hacker contained usernames, email addresses, hashed passwords, users’ nationality, registration data, last login, and IP address. Multiple users who were contacted regarding their information being contained within the breach sample confirmed that the details contained in the sample were correct. Mixcloud confirmed the breach over the weekend but stated that most users had signed up through a linked Facebook account and therefore did not have a password associated with their account. Those who did have passwords should feel safe according to Mixcloud. Mixcloud stated that all passwords on their servers are both salted and hashed to ensure their security. A_W_S has been tied to the threat group Gnosticplayers, who is believed to be responsible for a number of significant data breaches recently.
With all the news around COVID-19/Coronavirus, the average person is turning to the internet for