ChatBooks photo print service has informed its customers that user information was stolen from their systems following a cyber attack. Data consisting of 15 million user records is now being offered for sale on the dark web. This breach is part of a spree of leaks from a group of hackers that is now selling over 73 million user records from 11 companies. These records include email addresses, hashed passwords (SHA-512), social media access tokens, and personally identifiable information. Additionally, for a small portion of the affected records, some phone numbers, FacebookIDs, and inactive social media access and merchant tokens were also stolen.
Unfortunately we are again seeing the results of a data breach ending up on the dark web. While there isn’t much that can be done about having your PII breached, users should look to observe World Password Day a few days late and change their passwords immediately. This is especially true if users have the same, or similar passwords across multiple accounts. While the passwords were encrypted, this does not mean that they are indecipherable and there is a chance that hackers can obtain passwords, or segments of passwords leading to compromised accounts. As with any instance of PII being breached, consumers and users should be extra vigilant. This just proves that no one is immune to cyberattack, and you never know where the next target will be.