In today’s post, we are going to let you know about a few new security breaches. While seemingly unrelated the fact that these breaches occur in the first place is extremely alarming. To think that anyone, at any time, could have access to your personal data is frightening. That means, any time you use a particular service, you are putting your privacy on the line. Even if that service has policies in place to help prevent data breaches, sometimes that’s not enough.
If you use Microsoft’s webmail services, you are going to want to keep an eye out for any suspicious activity. Microsoft has confirmed that they have been compromised, which includes a limited number of their web-based email accounts between January 1st and March 28th. The accounts were compromised because the hacker was able to get a hold of a customer support representatives credentials. While the breach didn’t expose sign-in details or message contents, it did offer access to email addresses (which include names of addresses in conversations), subject lines and even custom folder names.
At this time, Microsoft doesn’t know how many people were affected or even where their largest group of victims comes from. As of right now, Microsoft believes that some were in the European Union, which isn’t good news given the new GDPR rules. If you’re an enterprise customer, however, you are ok. While still not great, this breach isn’t likely to be as bad as the one that affected 772 million email addresses. Attackers could use this to spam your email address, but they could also use it to piece together details of users’ personal lives and use that for identity theft.
You would think that the FBI would be immune to a security breach, but that’s just not the case. A group of hackers has exploited the flaws of at least three FBI-affiliated websites and leaked thousands of federal and law enforcement agents’ personal information. What’s interesting is that the hackers were able to infiltrate the FBI by going through websites that are run by the FBI National Academy Association. It is a nonprofit dedicated to promoting law enforcement training and has multiple chapters across the country – each with their own page.
Also interesting is that the hackers are reporting how they committed their crimes to Tech Crunch. That’s right, the hackers told the publication that they were able to break into the pages and download information, which they were then able to upload onto their own website. But this is kind of playing with fire isn’t it? I mean, stealing data from the FBI and then publicly posting it to a website?
As far as what they were allowed to steal, it was a total of 4,000 unique details. That includes names of FBI agents, their job titles, unique email addresses – including personal, physical addresses as well as phone numbers. What might be a slap in the face for the FBI is the fact that the hackers told Tech Crunch they were able to use publicly known exploits in order to gain entry, which means that the websites must have been in dire need of an update. The hackers now have over a million pieces of information on federal agents, and it doesn’t sound like they’re looking for money out of this. They are planning to publish more data on their websites in the near future.