article thumbnail

National Public Data Published Its Own Passwords

Krebs on Security

KrebsOnSecurity has learned that another NPD data broker which shares access to the same consumer records inadvertently published the passwords to its back-end database in a file that was freely available from its homepage until today. In April, a cybercriminal named USDoD began selling data stolen from NPD.

Passwords 335
article thumbnail

Anyone Can Trick AI Bots into Spilling Passwords

Data Breach Today

Thousands of People Tricked Bots into Revealing Sensitive Data in Lab Setting It doesn't take a skilled hacker to glean sensitive information anymore: all you need to trick a chatbot into spilling someone else's passwords is "creativity."

Passwords 292
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Singapore to Phase Out One-Time Passwords in Banking

Data Breach Today

Monetary Authority Responds to Surge in Phishing Scams That Impersonate Banks The Monetary Authority of Singapore said banks will phase out one-time passwords for bank account logins over the next three months for customers who use digital tokens to authenticate their identity.

Passwords 255
article thumbnail

GitLab Hackers Use 'Forgot Your Password' to Hijack Accounts

Data Breach Today

The vulnerability allows hackers to use the "forgot your password" function to send a reset link to an attacker-controlled inbox. US CISA Orders Federal Agencies to Apply January Patch The U.S. federal government's cybersecurity agency warned that hackers are exploiting a vulnerability in DevOps platform GitLab that was patched in January.

Passwords 281
article thumbnail

Breach Roundup: Google Phases out Passwords

Data Breach Today

Also: Microsoft Will Bid VBSript Goodbye and A Novel Magecart Attack This week: Google began phasing out passwords, Microsoft will bid VBSript goodbye, payment card information exposed in Air Europa hack, Magecart attack uses sneaky 404 page tactic, U.S.

Passwords 273
article thumbnail

Okta Buys Personal Password Manager Uno to Service Consumers

Data Breach Today

Uno's Design Wisdom Will Accelerate Rollout of Okta's First-Ever Consumer Product Okta bought a password manager founded by a former Google engineer and backed by Andreessen Horowitz to get a foothold in the consumer identity market.

Passwords 292
article thumbnail

Breaking a Password Manager

Schneier on Security

Interesting story of breaking the security of the RoboForm password manager in order to recover a cryptocurrency wallet password. If you knew the date and time and other parameters, you could compute any password that would have been generated on a certain date and time in the past.

Passwords 113