As reported by ZDNet, an Elasticsearch server left exposed online without a password has leaked the personal details of hundreds of thousands of users who signed up for online dating sites.
When data has been stolen, it is a race against time to make those affected aware of the situation so they do not become caught up in phishing scams. Companies hold a great deal of responsibility in handling our personal data, which must be guarded with the utmost protection. However, threat actors are increasingly keen to get their hands on what they can to pursue their attacks.
Phishing attacks simply rely on the trust we hold in people, which works better when the data in the original email has corresponding and genuine private data acting as a false verification trick. Scammers have now become experts in the field of digital impersonation, are able to manipulate their victims, and are constantly on the lookout for data breaches such as this. Verifying authentic emails has never been more important but remains your best bet in beating the fraudsters.
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics