Dreamhost Leaks 814 Million Records

By   ISBuzz Team
Writer , Information Security Buzz | Jun 28, 2021 01:07 am PST


DreamHost, one of the largest website hosting providers, has leaked 814 million records online including customer data. Researched and reported by independent cyber security researcher Jeremiah Fowler as well as Website Planet, the team discovered a non-password protected database that contained just under 1 billion records. The exposed records revealed usernames, display names, and emails for WordPress accounts. An expert with Blue Hexagon offers perspective.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Saumitra Das
Saumitra Das , CTO and Co-founder
June 28, 2021 9:08 am

<p>Misconfigurations continue to be a significant source of breaches both in the public cloud and private data centers. One key element of this breach is how it revealed the software stacks of the affected users and would allow the attackers to not just sell the data they stole but perform follow-on phishing or vishing attacks on those users based on this knowledge or even triangulate the hosted websites of those users and attempt to exploit them based in the software versions revealed in this breach.</p> <p>&nbsp;</p> <p>Breaches are becoming a chain with each piece of stolen data enriching information and techniques that attackers can use to further their aim. Each data breach adds to the knowledge graph of victims an attacker has, to allow them to choose the next easiest or most profitable step to take.</p>

Last edited 2 years ago by Saumitra Das

Recent Posts

Would love your thoughts, please comment.x