Data attacks and data leaks are unfortunately
becoming quite the common occurrence.
They can go down at any time and affect any account.
However for a data leak to occur,
they do need the point of access to get inside.
It goes about saying that many leaks happen
because there were certain vulnerabilities,
weak passwords, pre-existing systems that victims
were not aware of, or something more specific,
like a malicious link which starts with a simple click
and sadly ends in a scam.
Whilst we might be hearing more and more
about huge data breaches which result in victim data leaks,
sometimes it's not really explained
how they happen in the first place.
So, let's jump in with the what and how,
the results of huge data leaks,
and how our very own data leak checker,
can help you check for any account breaches.
A data leak can happen due to weak security measures,
or sometimes just down to a fault
which has gone unnoticed by a company.
On the other hand,
a data breach from a bad actor is always unauthorized
and usually results in a data leak of some form.
This could be anything from your personal email address
ending up on the shady corners of the Dark Web,
to your company document and identification scams
being shared, or even held at ransom for a bounty.
In short, it's when private, sensitive,
and confidential information, gets into the hands
of someone outside the trusted circle,
or just gets unknowingly leaked
due to database misconfiguration.
Either way, personal and corporate information
spreading far and wide could have serious repercussions,
especially as cyber criminals know exactly what to look for.
Just earlier this year, our very own investigation team
found a data leak which was pretty big,
even for today's standards considering the 2020 average
is 7 million records a day.
We found 350 million decrypted email addresses
left exposed on an unsecured server.
The data bucket which had an anonymous owner,
contained seven gigabytes of unencrypted files.
Down to the timeline of the uploads,
it's fair to assume that these emails could have been stolen
or possibly purchased on the black market back in 2018.
Although it's unclear if any malicious actors
actually had access to the bucket,
if they did they could have downloaded the files
as they wished, and this could have resulted
in a huge number of spam messages, phishing scams and more.
Another example of a leak discovered
by our investigation team, is when 127,000 users' data
was leaked by the Swedish social media company, Panion.
Again, this was through an unsecured data bucket
left on an Amazon web service sever
and accessible to the public.
The worst part about it all, was that the bucket
also contained hundreds of thousands of images,
presumably exchanged by users of the app.
Again, all this information in the wrong hands,
could be used for any number of malicious acts
or even combined with other data leaks
to perform successful identity theft.
Now, if you're thinking,
"I don't know or use the mentioned services."
Then you might wanna look a little closer to home.
Even companies we use on the regular basis
have been compromised one time or another.
Just to mention one of the many data leaks
we've seen from Facebook.
Back in 2019, 419 million users phone numbers, names,
and in some cases location data,
were stored on a number of unsecured databases.
Five years earlier,
we saw millions of eBay users' personal information
exposed when a hacker used employee credentials
to gain unauthorized access to their corporate network.
Lastly, who could forget about the Yahoo attacks,
which really put the severity of data leaks
to the cybersecurity forefront?
The company suffered a number of breaches
spanning from 2012 to 2016, and even one in 2013,
which affected a catastrophic 3 billion users.
So taking into consideration,
the volume of credentials and number of instances,
it's quite possible to us or at least someone we know,
has had their data leaked one time or another.
If your credentials are compromised,
it means that bad actors can steal your personal data
from the companies that have it.
It can be bought on the DarkNet, marketplaces
or even found in corporate databases
that are not properly secure.
The possibilities are pretty endless for a cybercriminal,
that's why right away you should check
if any of your online accounts have been breached.
We have an easily accessible free data leak checker tool,
which has a 500 gigabyte database of hashed leaked emails.
It's currently the biggest known tool on the planet,
and we don't log any of the entered information.
There's more information on how it works,
what you can do if your accounts are compromised and so on.
So be sure to check that out
through the link down in the description.
If you found this useful,
don't forget to like, and subscribe to our channel
for regular cybersecurity advice.
Thanks for watching, until next time.
x
x