New recipes

Bad News, MyFitnessPal Users: Your Information Could Be Part of a Data Breach

Bad News, MyFitnessPal Users: Your Information Could Be Part of a Data Breach

We are searching data for your request:

Forums and discussions:
Manuals and reference books:
Data from registers:
Wait the end of the search in all databases.
Upon completion, a link will appear to access the found materials.

Step #1: change your password.

A massive data breach is always a concern—but the latest security flub from popular fitness software MyFitnessPal could have your personal health data out in the open.

It was only this week that the mobile health app made users aware of a security breach that occurred back in February. Today, they sent out a statement to all app users explaining what happened—and exactly what information was compromised.

Stay up to date on what healthy means now.

Sign up for our daily newsletter for more great articles and delicious, healthy recipes.

According to the statement, an unauthorized third party obtained data associated with MyFitnessPal user accounts, including people’s usernames, email addresses, and hashed passwords.

MyFitnessPal’s Chief Digital Officer Paul Fipps said in a statement, “Once we became aware [of the data breach], we quickly took steps to determine the nature and scope of the issue. We are working with leading data security firms to assist in our investigation. We have also notified and are coordinating with law enforcement authorities.”

If you’re a MyFitnessPal user, there are several things you can do to protect your information. First, change your account passwords (email, MyFitnessPal, etc.) immediately. Next, continue to monitor your accounts for any suspicious activity, and be aware of fishy links and unsolicited emails—they could be hackers trying to get your information.

ChatBooks discloses data breach after data sold on dark web

ChatBooks photo print service has informed its customers that user information was stolen from their systems following a cyber attack. Data consisting of 15 million user records is now being offered for sale on the dark web.

This breach is part of a spree of leaks from a group of hackers that is now selling over 73 million user records from 11 companies.

The service provides an easy way to create photo books using Instagram and Facebook social media accounts as the source.

Hackers held data for over a month

A hacker group called Shiny Hunters on May 3 started advertising ChatBooks user records on a dark web market, asking $2,000 for 15 million rows of data.

They provided a sample with email addresses, hashed passwords (SHA-512), social media access tokens, and personally identifiable information.

Users sharing the security breach notification received the bad news on Friday, May 8, saying that the hackers stole login credentials to the service, names, email addresses, and passwords (salted and hashed).

&ldquoAdditionally, for a small portion of the affected records, some phone numbers, FacebookIDs, and inactive social media access and merchant tokens were also stolen&rdquo - Nate Quigley, ChatBooks co-founder and CEO

The company informed that payment or credit card information was not present in their database, so it was not impacted. Also, there is no evidence to suggest that personal data, like photos, was stolen.

According to the notification, the company learned about the intrusion on Tuesday, May 5, two days after the hackers started advertising ChatBooks user records on a dark web market. Based on forensic investigation, the breach occurred on March 26.

ChatBooks are not the only victims od Shiny Hunters but it is the first company that admitted to being hacked and alerted their customers.

BleepingComputer found that the same hackers are selling user records from multiple companies. Some of them learned from the media that their user records were on sale and had just begun an investigation when BleepingComputer reached out for comment.

At this moment, the price for the ChatBooks database is higher, at $3,500. The hackers do not offer the information exclusively, and the details included may have attracted an increased number of buyers.

The stolen passwords enjoy some security but the company advises its customers to change their them as soon as possible.

Although hashing is a one-way process that does not allow reversing to the original string, hackers have huge lists of passwords. They can convert them to hashes, add the salt, and compare the results with what the stolen database provides. Any match is a cracked password.

How do data breaches happen?

An exploit is a type of attack that takes advantage of software bugs or vulnerabilities, which cybercriminals use to gain unauthorized access to a system and its data. These vulnerabilities lie hidden within the code of the system and it&rsquos a race between the criminals and the cybersecurity researchers to see who can find them first. The criminals, on one hand, want to abuse the exploits while the researchers, conversely, want to report the exploits to the software manufacturers so the bugs can be patched. Commonly exploited software includes the operating system itself, Internet browsers, Adobe applications, and Microsoft Office applications. Cybercriminal groups sometimes package multiple exploits into automated exploit kits that make it easier for criminals with little to no technical knowledge to take advantage of exploits.

A SQL injection (SQLI) is a type of attack that exploits weaknesses in the SQL database management software of unsecure websites in order to get the website to spit out information from the database that it&rsquos really not supposed to. Here&rsquos how it works. A cybercriminal enters malicious code into the search field of a retail site, for example, where customers normally enter searches for things like &ldquotop rated wireless headphones&rdquo or &ldquobest-selling sneakers.&rdquo Instead of returning with a list of headphones or sneakers, the website will give the hacker a list of customers and their credit card numbers. SQLI is one of the least sophisticated attacks to carry out, requiring minimal technical knowledge. Malwarebytes Labs ranked SQLI as number three in the The Top 5 Dumbest Cyber Threats that Work Anyway. Attackers can even use automated programs to carry out the attack for them. All they have to do is input the URL of the target site then sit back and relax while the software does the rest.

Spyware is a type of malware that infects your computer or network and steals information about you, your Internet usage, and any other valuable data it can get its hands on. You might install spyware as part of some seemingly benign download (aka bundleware). Alternatively, spyware can make its way onto your computer as a secondary infection via a Trojan like Emotet. As reported on the Malwarebytes Labs blog, Emotet, TrickBot, and other banking Trojans have found new life as delivery tools for spyware and other types of malware. Once your system is infected, the spyware sends all your personal data back to the command and control (C&C) servers run by the cybercriminals.

Phishing attacks work by getting us to share sensitive information like our usernames and passwords, often against normal logic and reasoning, by using social engineering to manipulate our emotions, such as greed and fear. A typical phishing attack will start with an email spoofed, or faked, to look like it&rsquos coming from a company you do business with or a trusted coworker. This email will contain aggressive or demanding language and require some sort of action, like verify payments or purchases you never made. Clicking the supplied link will direct you to a malicious login page designed to capture your username and password. If you don&rsquot have multi-factor authentication (MFA) enabled, the cybercriminals will have everything they need to hack into your account. While emails are the most common form of phishing attack, SMS text messages and social media messaging systems are also popular with scammers.

Broken or misconfigured access controls can make private parts of a given website public when they&rsquore not supposed to be. For example, a website administrator at an online clothing retailer will make certain back-end folders within the website private, i.e. the folders containing sensitive data about customers and their payment information. However, the web admin might forget to make the related sub-folders private as well. While these sub-folders might not be readily apparent to the average user, a cybercriminal using a few well-crafted Google searches could find those misconfigured folders and steal the data contained in them. Much like a burglar climbing right into a house through an open window, it doesn&rsquot take a lot of skill to pull off this kind of cyberattack.

Lessons Learned From the Facebook Data Breach

Like around 90 million other people, I woke up to a notice from Facebook that there had been a security “incident”. There had been a major Facebook data breach. I needed to re-login to Facebook and a dozen other sites.

This was before my first cup of coffee, never a good time for bad news.

Yes, I look at Facebook and Twitter while making my first cup of coffee. Don’t judge me.

This sparked some questions in my mind — and, no doubt, 89,999,999 others. We all asked:

  • What happened?
  • How did it happen?
  • Why did it happen?
  • What can we do about it?

So, what happened?

Facebook, and a lot of other major Internet companies like Google and Github, provide a service generically called single sign-on (SSO). Single sign-on simply means that Facebook is providing a service to third parties that allows those third parties, like mobile applications and other websites, to leverage Facebook’s sign on process rather than providing their own.

Reliably identifying users — what is called the “authentication problem“ — is difficult for anyone, and especially for small companies.

SSO authentication depends on the provider — in this case Facebook — generating a piece of data that is difficult to forge. This chunk of data is called a token. The token then becomes your credential for access to these other third parties in place with your password on Facebook.

SSO has a lot of advantages. For websites and applications it means you don’t have to have your own authentication implementation, and your users don’t need to remember another password. (Passwords have horrible security issues anyway, although that’s a topic for another article.)

SSO is more convenient for the users as well, since instead of needing to have their own password, invent and manage different passwords for each site, and then trust that the individual sites won’t be hacked.

It’s an advantage for Facebook as well, of course. If these third parties are using Facebook SSO for authentication, it encourages users of those apps to get Facebook accounts and provides a great incentive to keep those accounts.

In other words, it’s to everyone’s advantage if Facebook can be a trusted source of authentication for SSO.

As long as Facebook can be trusted.

How did this data breach happen?

The short answer is that Facebook had a feature with a security hole that no one had expected and so had never tested.

The longer answer is that we don’t know everything yet. What we know is that it worked like this: Facebook has a feature called “view as” that allows you to temporarily impersonate someone else in order to see how your privacy settings modify what they can see from your account. (Imagine, for example, if you’re worried that your diabetes doctor will see your collection of ice cream and cheesecake recipes.)

The flaw was that when you used “view as“, Facebook took it a little bit too literally, exposing the “authentication token“ of the person you were impersonating. A sophisticated attacker could then get that authentication token, which would allow them to impersonate that person on other sites and with other applications.

A matter of trust

It’s gotten to be old-fashioned to use this term in cybersecurity, but the issues of security come down to issues of trust. That is, your willingness to delegate responsibility for something you care about to someone else.

Third-party applications are delegating their responsibility to be sure they have the right user to Facebook. Facebook users are trusting Facebook to manage their identifying information correctly. And Facebook has every reason not to prove that trust unwarranted.

This time, Facebook blew it.

Why did it happen?

Again, there is a short answer: security is hard. This data breach was the result of several code errors that compounded. That kind of problem is very hard to identify or catch. Approaches to solving the problem have been known for decades but they cost money and make systems harder to use. If you think about it, any security means keeping users from doing things they want to do. Security always makes the system feel less usable.

Photo by rawpixel on Unsplash

What can we do to prevent another data breach?

One solution that’s being proposed is to use multi-factor authentication. My bank uses this and to ensure that you are you, they send a code in a text message. Shon Gerber, chief information security officer for a major multinational corporation, points out that these text messages aren’t particularly secure either.

They sell ‘this is your secure solution’ – but it’s just more secure. They are still trusting you to do your part, and you are trusting your bank to do their part. If your account was compromised, it’s still compromised.

The fact is that security really can’t be added on to a project. Security, like other “non-functional” requirements such as performance and usability, doesn’t come from a single component or feature. It must be considered from the beginning. Development teams with experience in secure systems —teams like our team at Flint Hills Group, he said modestly — have the experience and training to factor these into projects from the start.

Security is hard but it can’t be ignored.

Part of the solution is to encourage more research and development in security. Originally cybersecurity research was largely funded by the Department of Defense. There’s still a place for government funding, but cybersecurity is no longer just an issue of protecting classified information. Companies should be investing in security research as well.

The problem is, companies like Facebook don’t have a very strong incentive to pursue better security. Oh, Facebook has been embarrassed by this, and responding has no doubt cost millions — but Facebook has a lot of millions to spend, and anyone who is actually injured by a data breach can have a very tough time recovering any real damages. Most terms of service — you know, those 14 page legal documents to which you have to agree in order to access your cat pictures — disclaim any liability

The more often these things happen, however, the more pressure there will be for the government to act. No company wants that, but unless companies find a better solution, the government will have to act.

Bad news: Your $125 Equifax data breach payout is pretty damn unlikely

You'll get less than 25 cents if every person claims their share.

You could get less cash back in the settlement than you think.

If you've been affected by the 2017 Equifax data breach, you have a choice to make -- get a $125 payout or 10 years of free credit monitoring. The problem is, your $125 compensation for the grief you went through to recover from the hack may not add up to $125. The FTC has cautioned that if everyone eligible requests the money over the monitoring, your benefit will be "nowhere near the $125."

Here's the problem. Equifax has agreed to pay up to $700 million to compensate the 147 million victims of the data breach, but the pool of money set aside for the $125 payout is only $31 million, according to the FTC. That works out to about 20 cents per person.

You do have another option, though. You could also choose 10 years of free credit monitoring. And that is the choice the FTC is pushing.

"Frankly, the free credit monitoring is worth a lot more -- the market value would be hundreds of dollars a year," the FTC said on its website. "And this monitoring service is probably stronger and more helpful than any you may have already."

As part of the settlement reached between the FTC and the free credit report company, you can also file claims to be reimbursed for time spent recovering from fraud and identity theft, for money spent to protect yourself from the breach and for the cost of Equifax credit monitoring subscriptions. You can claim up to $20,000 in compensation, providing documents and receipts to support your claim.

We have a guide for how to choose between the options , if you are thinking through which is the better choice for you. And if you've already filed your claim, the FTC said you can change your mind. Watch for an email from the settlement administrator with instructions. Scammers are already setting up websites to trick victims, but they're easy to avoid as long as you know what you're looking for.

Under Attack: The Year 2018 In Breach

If we were to record a time-lapse of data breaches across the globe in 2018, it would reveal consistent increases in three key categories:

The average total cost of a breach increased by 6.4% from $3.6 million to $3.86 million

The average size of a data breach has increased by 2.2%

The average total cost of a record loss due to breach increased 4.8% from $1.41 per record to $1.48.

According to the 2018 Cost of Data Breach by the Ponemon Institute, aside from a 6.4% year-over-year lift on the average total price tag of a single breach (now $3.86B), the number of records lost or stolen has climbed by 2.2% this year alone.

To make matters worse, the dollar-cost consequence of each record compromised (revealed to an unauthorized attacker) continues to skyrocket. The global average per capita cost went from $141 to $148, with the United States, Canada, and Germany leading at $233, $202, and $188, respectively.

However, a common theme that emerges is the importance of speed in detection and mitigation, which can significantly lower the burden of a breach. Although the Mean Time to Identify (MTTI) and Contain (MTTC) rose to record highs of 197 and 69 days respectively, organizations that were able to contain a breach in less than 30 days saved over $1M compared to those who took longer. To put this into perspective, the average cost savings generated from working with an Incident Response (IR) team was as high as $14 per compromised record. In other words it pays to be prepared.

Meanwhile, privacy regulations, such as the European Union’s General Data Protection Regulation (GDPR) and Australia’s Notifiable Data Breach (NDB) are shining a bright beam on the most prevalent breach type: identity theft. Gemalto’s Breach Level Index reports that identity theft represented 65% of the breaches that occurred in the first half of 2018, such as Exactis and Firebase. As we’ve seen in the past, once cybercriminals get their hands on personal information, they will monetize it by selling identity footprints directly on the Dark Web or organizing payment fraud schemes.

Follow along as the ID Agent Team explores the global landscape of data breaches across the United States, providing you with actionable insights for protecting yourself, customers, and employees.

United States

The cost of lost business for US organizations is almost twice as much as the next runner up country.

A glance at recent headlines can characterize most US data breaches in 2018: newsworthy and expensive. At $7.91M, the average total cost in the United States is the highest around the globe. Although this can be largely attributed to organizational spending on post-breach responses, notification costs, and customer churn, it also highlights a cultural phenomenon.

Current American legislation surrounding notification laws creates a domino effect, where the end-user has a greater awareness of data breaches, higher expectations for identity protection by companies, and fleeting loyalty caused by the availability of other options. Such insight is illustrated by the $4.2M cost of lost business for US organizations, a number that is nearly twice as high as the next runner-up.

Timeline of U.S. Breaches in 2018

March 17, 2018 – It was revealed that Cambridge Analytica was responsible for harvesting private information from Facebook profiles.

Late March 2018 – In late March, Under Armour announced that a data breach affected an estimated 150M users of its MyFitnessPal application.

May 2018 – Twitter urges more than 330M users to change their passwords after reporting that a glitch caused data to be stored in readable form (unencrypted) rather than being hashed (encrypted).

Late June 2018 - In late June, a security researcher discovered that the database of marketing firm Exactis was being stored on a publicly accessible server with 340M records exposed.

September 2018 - Facebook notified users that yet another massive data breach compromised the accounts of over 50M users. Hackers had exploited a security weakness present in the social network’s code since July 2017 to steal automated log-in credentials.

November 2018 – Marriott revealed on November 30th this hack, of as many as 500M records, had been continuously compromising data on guests staying at Marriott Starwood properties since 2014, including everything from names, addresses, phone numbers, passport numbers to payment card numbers and expiration dates.

The rest of the report goes into detail about Canada, Europe, Australia and New Zealand and it is worthwhile reading. Read the full report here.

When we reflect on data breaches in 2018, it will be important to account for the good with the bad.

Even though cyber attacks are growing in cost, size, and impact, there is an enhanced sense of global awareness and vigilance that will serve as the foundation for better cybersecurity.

With privacy regulations taking shape in countries most affected, we can predict that identification, escalation, and mitigation will be the focus of many organizations going forward.

As we’ve all heard before, it’s no longer a question of “if,” but “when” a company will get breached.

To future-proof ourselves, our employees, and our customers, it will become paramount to invest in solutions that can pinpoint threats proactively, contain compromises quickly, and empower parties that are affected so that they can take action.

What’s It All About?

You’re protecting your business, yourself and your way of life. That’s all!

Your lifestyle is what a Data Breach can destroy if you’re not vigilant and actively defending yourself.

How Do You Defend Yourself?

Proactively defend yourself using four strategies. They are:

3. Technical expertise

Some people we talk to, including personal friends of mine who own their own business, have a belief that a router and a few backups are all they need to ensure their business against a natural disaster, or an electronic disaster (read Data Breach). Nothing could be further from the truth.

They believe that their business is too small for hackers to be interested in breaching their computers at their business. They could not be more wrong. Remember, hackers don’t just care about YOUR business. They care about anything they can extract from all of your customers as well.

Today, in October 2019, you have to use multiple strategies to defend your business. If you don’t, more than likely, you’ll end up on the wrong side of statistics. That is, your business will become known as one of the small businesses forced to close its doors after a data breach.

DTS InfoTech Can Help

We’re good at preventing Data Breaches and training your employees to be vigilant. Seriously, we are.

We know how intimidating technology can be, we make a living helping people just like you who have questions about all thing’s technology, and that includes preventing a data breach.

Most small businesses do not have the technical resources or time to understand all this geek stuff. If this describes you, we can help.

If you would like more information about preventing a data breach give us a call, we’re always happy to chat, and the call is free!

Protect your data

As we discussed, ShareThis already deactivated the affected users. These users include those who registered before January 2017.

But, even if you haven’t logged into ShareThis for a while, don’t be complacent. Why?

You may be using the same email or passwords to your other accounts. So, hackers can still use that to gain access.

What’s worse? If you used those details to your bank account, they could log in!

So, we advise you to change passwords. Besides, change it as soon as possible. Don’t wait for breaches to happen.

Here are some good password habits.

  1. Have a regular password change. Also, this is important whenever breaches happen.
  2. Do not reuse passwords. So, you should use different passwords for every website.
  3. Create strong and unique passwords. A strong password includes the capital and small letters. Also, special characters like symbols can add complexity. It should also have numbers.

What You Can Do

Since the company announced the intrusion, it&rsquos established a dedicated website where you can go to see if your information has been compromised. You can head to the Enroll page of the site, enter your last name and last six digits of your Social Security number. Equifax will then tell you whether or not your personal information may have been compromised.

By enrolling, users may waive their right to take part in a class action lawsuit against Equifax at a later date.

You&rsquoll then have the option of whether or not you want to enroll in a complimentary year of Equifax TrustedID Premier. TrustedID Premier is the complimentary identity theft protection and credit file monitoring product Equifax is offering after you check to see if you were affected, regardless if your info was compromised. Equifax says that the enrollment process could take several days, so you&rsquoll get a unique enrollment date. Keep in mind the enrollment period ends on November 21, 2017.

Regarding the possible waiver of the right to take part in a class action, Equifax said, responding to a question by New York State Attorney General Eric Schneiderman, that the arbitration clause in question does not apply to the hacking incident:

After conversations w my office, @Equifax has clarified its policy re: arbitration. We are continuing to closely review.

&mdash Eric Schneiderman (@AGSchneiderman) September 8, 2017

Equifax is recommending that you get a free copy of your credit report from the three major bureaus &mdash Equifax, Experian and TransUnion. In addition, Equifax says that if you believe any of your information was stolen, you should contact a law enforcement agency.

If your information was compromised, you could also consider freezing your credit reports. As MarketWatch reports, contact Equifax, Experian and TransUnion to request a freeze on your reports and will prevent anyone from opening a new account. It comes with a small fee, but that could be worth it to avoid any issues in the near- or long-term future.

Not long after Equifax announced the breach, a class-action lawsuit was filed against the company. In the complaint, which was filed in Portland, Oregon, users say that Equifax was negligent in protecting consumer data and chose instead to save money instead of implementing safeguards. Equifax hasn&rsquot commented on the lawsuit.

This post has been amended first to reflect that users may waive some of their legal rights by signing up for Equifax&rsquos TrustedID Premier monitoring service, and then to indicate that Equifax has stated that this waiver would not apply to the hacking incident.

How to Monitor Your Credit After a Data Breach

You’ve received that dreaded email or letter from a service you use: There has been a data breach, and your information may have been compromised.

It has probably happened to you before, because data breaches happen often. These notifications tend to at least instruct customers to change their passwords, but depending on the level of breach and the sensitivity of information kept by the service, customers may be told to monitor their bank accounts or may receive free identity theft protection.

It can seem overwhelming and inconvenient, but the plan of action in such a scenario is pretty straightforward.

Manage Passwords
First, make sure the data breach is real. You shouldn’t be asked to verify personal information via email, so if that’s what a message requests, don’t respond. Check the service’s website for news about a breach or reach out to customer support for details.

Changing passwords should be another early action, but don’t overlook this important step: Change your email password. If someone has compromised an account tied to your email, your email could be a potential target for hackers. You don’t want to send new-password notifications to an unsecure email address, so that password is the first that needs to change.

Even if you didn’t receive notification from a service that has experienced a data breach, you should change your password as a precaution. When a company gets hacked, it’s usually in the news, so if you hear of something that could affect you, be proactive.

While you shouldn’t use a password for multiple accounts, people commonly do. Be sure to update any account that may use the same password as the compromised one.

Monitor Your Money

Consumers should regularly review their bank accounts, credit reports and credit scores as a way of staying on track with financial goals and looking out for irregular activity, which could point to fraud.

For victims of a data breach, this is especially important. Someone has your information, and it’s not always clear what the thieves are capable of doing with it. Look for credit card transactions you didn’t make or correspondence from an unfamiliar company — these could be signs of identity theft.

Consumers are entitled to free annual credit reports from the three major credit reporting agencies: Experian, Equifax and TransUnion. These reports should reflect accurate personal information, but if something is amiss, it should be disputed immediately. Watching credit scores for sudden changes will also help uncover fraudulent activity, and consumers can do this by signing up for’s free monthly Credit Report Card.

Many banks also allow customers to set up alerts for transactions of a certain dollar amount, which can help them spot transactions they didn’t make.

See What They’re Offering

In some cases, the company that held your information will offer services in response to a data breach, like discounts on their own products. Compromised companies often arrange for their customers to receive a yearlong credit monitoring or identity theft protection membership.

While you can monitor your credit on your own, using techniques described above, these services provide tools such as alerts, identity theft insurance, a support team, credit reports and credit scores for free or at a discount. The free, extra protection could be helpful if your information was compromised.

But the risk isn’t gone after a year, because once your information is stolen, there’s no knowing where it may be. This is why regular credit monitoring is important, though consumers can also pay for protection after a complimentary membership has expired.

Regardless of the method, individuals should always watch their personal information closely and know that risks after a data breach do not go away with time.

MGM Resorts Breach

MGM Resorts suffered a breach in the summer of 2019. The company did not publicly disclose the breach until 2020 when hackers started selling the data on a cybercrime marketplace. The company did not reveal the severity of the breach, but 10.6 million users’ information was put up for sale in February. By July of 2020, the number of affected users skyrocketed by 14 times to 142 million users.

The data disclosed included full names and addresses, as well as dates of birth and phone numbers. Hackers claimed to have obtained the information by breaching Night Lion Security, a third-party that offers increased cyber-security to businesses. Vinny Troia, the company’s founder, claims the hackers are just trying to ruin his company’s reputation.

The head of research for cyber intelligence firm KELA speculates that the breach could be even bigger. According to posts on Russian-speaking hacking forums, up to 200 million users may have had their data stolen.

CNET's best tech products of 2019


A show-stopping 4 billion social media profile records were exposed to the public on an unsecure Elasticsearch server, for a mind-blowing total of 1.2 billion unique people exposed originating from two data enrichment companies. That's one of the largest single-source exposures we've ever seen. Adobe left 7.5 million Creative Cloud customer records on an unsecure database. Meanwhile in the Motherland, over 20 million Russian citizen tax records were left sitting on an open database for anyone to see, showcasing information collected from 2009 to 2016.


In November's laundry list of leaks, hacks, breaches and exposures, a couple of tech employee incidents stand out. Facebook was back in the headlines after about 100 app developers were given inappropriate access to profile data. A previous breach came to light this month, detailing the account of a rogue employee at cybersecurity firm Trend Micro, who stole the personal data of about 70,000 of the firm's customers and later used it to scam customers.


Some 100 women who were the victims of an explicit photo leak are expecting a present on Christmas Eve when the offending leaker, a former Dutch politician, will stand for sentencing. Prosecutors have asked the judge to hand down at least three years of hard time after the disgraced Nederlander was found to have hacked the women's personal iCloud accounts with credentials found in earlier public database breaches.


  1. Marty

    And still variants?

  2. Freddy

    Of course, it is never possible to be safe.

  3. Abdul-Rafi

    In my opinion, you are making a mistake. Email me at PM, we will discuss.

  4. Meturato

    And what would we do without your very good phrase

Write a message