Hacker Breaches DataViper Security Firm – Expert Commenetary

This morning, it was announced that that a hacker has breached the backend servers belonging to DataViper, a data leak monitoring service managed by Vinny Troia, the security researcher behind Night Lion Security, a US-based cyber-security firm. The hacker, who spent three months inside DataViper servers, claims to have stolen more than 8,200 databases that Troia had indexed for the DataViper data leak monitoring service. The exfiltrated databases contain the information of billions of users that was leaked during past security breaches from DataViper’s “data leak detection” service. The hacker, via a link to a dark web portal, shared the published information about the hack, including an e-zine (electronic magazine) detailing the intrusion into DataViper’s backend servers.

Experts Comments

July 15, 2020
Vinay Sridhara
CTO
Balbix
The DataViper breach shows that sensitive data continues to be attractive to adversaries, even far after a breach is over. With information on billions of accounts continuing to be out there, the need for proper password hygiene has never been more critical. Strong, unique, regularly changed passwords combined with a password manager and multifactor authentication are the only ways to help minimize the impact of both initial, and follow-on breaches of user account credentials. To accurately.....Read More
The DataViper breach shows that sensitive data continues to be attractive to adversaries, even far after a breach is over. With information on billions of accounts continuing to be out there, the need for proper password hygiene has never been more critical. Strong, unique, regularly changed passwords combined with a password manager and multifactor authentication are the only ways to help minimize the impact of both initial, and follow-on breaches of user account credentials. To accurately assess security risk, DataViper should employ an AI-powered solution that can provide real-time monitoring and pinpoint exactly where potential vulnerabilities lie. It is nearly impossible for security teams to determine such risks without automated software, as there are up to hundreds of billions of ways for hackers to infiltrate an enterprise network. As such, it is critical that companies quantify and prioritize breach risk reduction tasks.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Share on facebook
Share on twitter
Share on linkedin

Recent Posts

Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics

Twitter Facebook-f Linkedin Youtube

Working With Us

The Pages

Our Contributing Experts