Infosecurity Magazine reports personal data of an estimated 100,000 social media influencers has been accessed and partially leaked following a breach at social media marketing firm Preen.Me, Risk Based Security has discovered. The same breach has also led to more than 250,000 social media users having their information fully exposed on a deep web hacking forum, leaving these individuals at risk of being targeted by scams. The leak was discovered by Risk Based Security’s data breach research team on June 6 when a known threat actor revealed they had compromised Preen.Me’s systems and were holding the personal information of over 100,000 affiliated influencers under ransom on a popular deep web hacking forum. The actor shared 250 records via PasteBin on the same day, and two days later on June 8, stated their intention to release the other 100,000 records, although this has not yet occurred. The information includes influencers’ social media links, email addresses, names, phone numbers and home addresses.
While people generally focus on breaches that involve passwords, credit card numbers, or other financial details, breaches of this magnitude that compromise a significant amount of personal information cannot be ignored.
It is important to understand that not only was the information about the individual stolen, but other data such as Facebook friend lists and additional data that could even put others at risk. Given the volume of information lost here, it is important that the organization contact victims as soon as possible and that they provide a statement about the breach, something they have not done yet.
The practice of doxing, or releasing personal information about people\’s addresses, phone numbers or even employers, has long been looked upon as grievous offence in the cybersecurity community due to the potential impact is can have on the victims. This breach has released the same information about hundreds of thousands of victims who also are now at risk.
The 253,051 records that contain information such as Facebook account names and associated friend lists is a gold mine for social engineers. This information can be used to create fake lookalike accounts that can then be used to attack these friends. It is not uncommon to see these attacks used, often through a friend request or a message request that makes the user believe they are speaking to the real person, to spread malware or perpetrate other scams.
These victims of the breach should be very vigilant toward future emails, text messages and phone calls, as these are prime attack techniques for this type of information.
While people generally focus on breaches that involve passwords, credit card numbers, or other financial details, breaches of this magnitude that compromise a significant amount of personal information cannot be ignored.
It is important to understand that not only was the information about the individual stolen, but other data such as Facebook friend lists and additional data that could even put others at risk. Given the volume of information lost here, it is important that the organisation contact victims as soon as possible and that they provide a statement about the breach, something they have not done yet.
The practice of doxing, or releasing personal information about people\’s addresses, phone numbers or even employers, has long been looked upon as grievous offence in the cybersecurity community due to the potential impact it can have on the victims. This breach has released the same information about hundreds of thousands of victims who also are now at risk.
The 253,051 records that contain information such as Facebook account names and associated friend lists is a gold mine for social engineers. This information can be used to create fake lookalike accounts that can then be used to attack these friends. It is not uncommon to see these attacks used, often through a friend request or a message request that makes the user believe they are speaking to the real person, to spread malware or perpetrate other scams.
These victims of the breach should be very vigilant toward future emails, text messages and phone calls, as these are prime attack techniques for this type of information.