Peatix sent an email to its users stating that their information has been improperly accessed or obtained. Peatix is an event organizing platform, currently ranked among the Alexa Top 3,500 most popular sites on the internet.
Great #peatix hacked pic.twitter.com/29y92iw1CD
— gebhard scherrer (@gscherrer) November 21, 2020
Usually, when we hear about hackers offering stolen data, this takes place over deep web forums or pages. In this case, however, we are also seeing the use of social media platforms such as Instagram and messaging apps like Telegram to promote stolen names, usernames, hashed passwords, and email addresses.
Peatix has issued a notification on its webpage about the breach and is also asking users to change their password on the platform to avoid possible account misuse. Users should, however, also change their passwords on any other services where they have reused the same password. It is also critical that users remain vigilant, as their data may be used in phishing campaigns that attempt to gather additional information or even gain access to their computers. As such, be wary of emails with attachments or links.
While it's good news that none of Peatix's customers apparently had their credit card information accessed, I still strongly advise Peatix users to keep an eye on all of their financial accounts. Changing their password in a case like this should go without saying, but let's do that anyway. Also, users need to make sure they haven't reused their Peatix password on any other websites or accounts.
Users also need to be alert for phishing attempts from bad actors posing as Peatix via email or text.
Peatix has not stated what algorithm is used to hash and salt the passwords in the database, which would give us a better indication as to whether users' passwords are at risk. I've seen plenty of breaches of passwords that were hashed with deprecated algorithms such as SHA1 or MD5 that can be cracked with little effort, so it would be good to know what algorithm was used to encrypt those passwords.
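The point in the quote above, that an unsalted fast hash such as MD5 puts every user who shares a password at risk once one copy is cracked, while a salted slow derivation like PBKDF2 does not, can be shown directly. The following is an added example, not Peatix's code and not part of the original article; the user records are constructed, and the iteration count is an assumption chosen from current PBKDF2-HMAC-SHA256 guidance.

```python
import hashlib
import hmac
import os
from typing import Callable, Dict, List, Optional

# Constructed sample credentials (not from the breach): two users share a password.
SAMPLE_USERS: Dict[str, str] = {
    "alice@example.com": "Summer2020!",
    "bob@example.com": "Summer2020!",
    "carol@example.com": "correct horse battery staple",
}

# Assumed iteration count for PBKDF2-HMAC-SHA256 (order of magnitude from OWASP guidance).
PBKDF2_ITERATIONS = 600_000


def legacy_md5(password: str) -> str:
    """Unsalted MD5: the deprecated storage scheme the quote warns about.

    Identical passwords always produce identical digests, so one lookup table
    or one cracked digest exposes every account that used that password."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def hash_password(password: str, salt: Optional[bytes] = None) -> str:
    """Salted PBKDF2-HMAC-SHA256, stored as a self-describing record.

    A fresh 16-byte random salt per user means two users with the same password
    get unrelated records, and each guess must be re-derived per account."""
    salt = salt if salt is not None else os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)
    return f"pbkdf2_sha256${PBKDF2_ITERATIONS}${salt.hex()}${dk.hex()}"


def verify_password(password: str, record: str) -> bool:
    """Re-derive with the stored salt and iteration count; constant-time compare."""
    algo, iters, salt_hex, dk_hex = record.split("$")
    if algo != "pbkdf2_sha256":
        raise ValueError(f"unsupported record format: {algo}")
    dk = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), bytes.fromhex(salt_hex), int(iters)
    )
    return hmac.compare_digest(dk.hex(), dk_hex)


def shared_digest_users(hash_fn: Callable[[str], str], users: Dict[str, str]) -> Dict[str, List[str]]:
    """Group accounts by stored digest and return only groups larger than one.

    With a fast unsalted hash, such a group means one crack exposes all members;
    with per-user salts the function returns an empty dict."""
    groups: Dict[str, List[str]] = {}
    for email, password in users.items():
        groups.setdefault(hash_fn(password), []).append(email)
    return {digest: emails for digest, emails in groups.items() if len(emails) > 1}


if __name__ == "__main__":
    print("MD5 collisions across users:", shared_digest_users(legacy_md5, SAMPLE_USERS))
    print("PBKDF2 collisions across users:", shared_digest_users(hash_password, SAMPLE_USERS))
    record = hash_password(SAMPLE_USERS["alice@example.com"])
    print("stored record:", record)
    print("verify correct:", verify_password("Summer2020!", record))
    print("verify wrong:", verify_password("summer2020!", record))
```

Run stand-alone, the MD5 grouping shows alice and bob sharing one digest while the PBKDF2 grouping is empty; that difference is what a breach notice should make explicit when it says passwords were "hashed and salted".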
Peatix users should change their passwords on Peatix and any other accounts that share the same password. Every account should use a unique password to prevent hackers from attempting credential stuffing attacks. Credential stuffing is an automated process that attempts logins on dozens of online accounts using known email and password combinations.
Users should also be on the lookout for targeted phishing emails from scammers posing as Peatix or a related company. The personal details from the database can be used to personalize phishing messages and make them more convincing. Do not click on links or attachments in unsolicited emails and always verify the sender's identity before responding.
Sharing stolen data has become a quick way of making cash. We used to see this sort of information being sold on the dark web only, but more recently we have seen a shift to it being offered on the open web. Instagram stories are a quick way to reach the masses in a short space of time and therefore increase the chances of a quick sale.
If anyone has been affected by the breach, it is vital that they follow the steps to add more protection to their accounts. Furthermore, if anyone spots an account selling stolen data, they must report the post and the account to Instagram as soon as possible.