Data breaches have seen no sign of slowing over the 2020 period with every major chain, brand and online source having minor to major incidents, some even resulting in fines within the millions for not implementing up to date security measures to prevent theft and protect consumer data.
The most recent victim comes in the form of online tech and culture news website Mashable, which announced on November 8 that their database containing the reader’s social media sign in details (used to access the platform for commenting etc) had been found online.
Discovered So Far
The Media company was quick to act upon discovery of the breach and identify that a hacker that was well known for targeting websites and apps was in fact behind the breach and responsible for the posting online of the data.
Although the culprit has not been officially named at this time, what is known is that the leaked data consisted of users’ full names, locations, email addresses, genders, IP addresses and links to social media platforms.
The social media account sign in was designed with making sharing mashable content easier for users on social media platforms such as Facebook and Twitter, however it has provided the hacker with enough information to be valuable to third parties looking to underhandedly gain information on users.
All affected accounts have since been disabled as a precaution. On the plus side there was no leaking of password information and Mashable have pointed out that they do not hold any of its users’ financial information, which has come as a small relief.
Plenty of Phish
Mashable has both a UK and US version of it’s website produced with a combined figure of 45 million monthly visitors since its inception in 2005.
The site has long been at the forefront of technology and science news as well as pop culture and entertainment. Following the breach, the site has alerted users to be wary of phishing campaigns resulting from the incident.
Alerting users to the warnings of emails with links to unfamiliar sites, Mashable have asked that anyone receiving any suspicious email activity is to contact them at firstname.lastname@example.org so that investigations can be made. Also it is advised not to share passwords, personal details or payment information with any third parties through email or suspicious links.
Mashable has stated that the protection of user data is their highest priority and have apologized or inconveniences and concern over the theft and reassure that the highest levels are being taken in ensuring that it never happens again.