• About
  • Advertise
  • Careers
  • Contact
Monday, March 20, 2023
No Result
View All Result
NEWSLETTER
Cyber360 News
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us
No Result
View All Result
Cyber360 News
No Result
View All Result
Home Data Breach

Collectibles app’s user credentials collected, posted on dark web forum

by Cyber360 News
April 15, 2020
in Data Breach
0
Collectibles app’s user credentials collected, posted on dark web forum
0
SHARES
1
VIEWS
Share on FacebookShare on Twitter

A post on a dark web hacking forum has exposed four million user credentials that were taken from Quidd, an app designed for trading collectibles featuring popular brands, entertainment properties and fictional characters.

Risk-Based Security reported via a company blog post that its Data Breach Research discovered the pilfered data, which the forum is not selling but rather making available “in a non-restricted manner.”

Affected data includes email addresses, usernames, and bcrypt-hashed passwords of 3,954,416 users, the blog post states. “One threat actor responded to the post stating that he has already cracked, or decrypted, nearly a million password hashes,” the report continues.

Among the leaked credentials are more than 1,000 business emails from major companies such as AIG, Experian, Microsoft Target and more, which increases the risk of future possible spear phishing and business email compromised campaigns targeting those organizations.

The data dump was posted on March 12 by an individual who goes by the alias Protag and then reloaded by a different user on March 29.

SC Media reached out to a press contact for Brooklyn-based Quidd and requested comment.

“In addition to changing Quidd account passwords, users should also change the passwords on other accounts that use the same password to prevent credential stuffing attacks,” said Paul Bischoff, privacy advocate with Comparitech. Credential stuffing occurs when hackers use login credentials from one service to attempt logging in on other services, because they know many people reuse passwords across multiple accounts.”

Topics:

Cybercrime
Data Breach

Cyber360 News

Cyber360 News

Next Post
Microsoft addresses three Windows issues actively exploited

Microsoft addresses three Windows issues actively exploited

Recent Posts

Twitch’s Entire Critical Data Leaked, Includes Streamer Earnings, Source Code

Twitch’s Entire Critical Data Leaked, Includes Streamer Earnings, Source Code

October 6, 2021
Former U.S. Security Firm Helped The UAE Carry Out “Karma” iMessage Hack: MIT Tech Review

Former U.S. Security Firm Helped The UAE Carry Out “Karma” iMessage Hack: MIT Tech Review

October 1, 2021
Facing “This App Has Been Blocked For Your Protection” Issue? Here’s How You Can Fix It

Facing “This App Has Been Blocked For Your Protection” Issue? Here’s How You Can Fix It

October 1, 2021

Whats New in Kali Linux?

September 14, 2021

Kali Linux 2019.3 Release (CloudFlare, Kali-status, metapackages, Helper-Scripts & LXD)

September 14, 2021

Kali Linux 2021.3 Release (OpenSSL, Kali-Tools, Kali Live VM Support, Kali NetHunter Smartwatch)

September 14, 2021

Kali Linux 2018.4 Release

September 14, 2021

Kali Linux 1.0.5 and Software Defined Radio

September 14, 2021

Kali Tools Website Launched, 1.0.9 Release

September 14, 2021

Kali Linux Dojo at Black Hat Vegas 2016

September 14, 2021

Category

Site Links

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

About Us

We bring you the best Premium WordPress Themes that perfect for news, magazine, personal blog, etc. Check our landing page for details.

© 2019 Cyber360 News - Powered by WebSensePro

No Result
View All Result
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us

© 2019 Cyber360 News - Powered by WebSensePro

Login to your account below

Forgotten Password?

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In