Weekly Update 412
When is a breach a breach? If it’s been breached then re-breached, is the second incident still a breach? Here’s what the masses said when I asked if they’d want to know when something like this happened to their data:
If you’re
The ongoing scourge that is spyware (or, as it is commonly known, “stalkerware”), and the subsequent breaches that so often befall them continue to amaze me. More specifically, it’s the way they tackle the non-consensual spying aspect of the service which, on the one hand is
TL;DR — Tens of millions of credentials obtained from info stealer logs populated by malware were posted to Telegram channels last month and used to shake down companies for bug bounties under the misrepresentation the data originated from their service.
How many attempted scams do you get each day?
Continue reading Begging for Bounties and More Info Stealer Logs
Who would have thought that just a few hours after recording the previous week’s video, the world would descend into what has undoubtedly become the largest IT outage we’ve ever seen:
I don’t think it’s too early to call it: this will
Just over 13 years ago, Microsoft gave me my first “Most Valuable Professional” award. Out of the blue, as far as I was concerned. It wasn’t something I’d planned for and it certainly wasn’t something I’d expected, but it has
It feels weird to be writing anything right now that isn’t somehow related to Friday’s CrowdStrike incident, but given I recorded this video just a few hours before all hell broke loose, it’ll have to wait until next week. This week, the issue that
I get the frustration and anger those working at organisations that have been breached feel, and I’ve seen it firsthand in my communications with them on so many prior occasions. They’re the victim of a criminal act and they’re rightly outraged. However… thinking back
It’s a long one this week, in part due to the constant flood of new breaches and disclosures I discuss. I regularly have disclosure notices forwarded to me by followers who find themselves in new breaches, and it’s always fascinating to hear how they’re
Last week, I wrote about The State of Data Breaches and got loads of feedback. It was predominantly sympathetic to the position I find myself in running HIBP, and that post was mostly one of frustration: lack of disclosure, standoffish organisations, downplaying breaches and the individual breach victims themselves making
Continue reading The State of Data Breaches, Part 2: The Trilogy of Players
Why does it need to be a crazy data breach week right when I’m struggling with jet lag?! I came home from Europe just as a bunch of the Snowflake-sourced breaches started being publicly dumped, and things went a little crazy. Lots of data to review, lots of