Last week, nearly 800,000 customer details were taken from a forum associated with popular adult website Brazzers, with usernames and passwords of users being exposed by the cyber-attackers.
The leak, which was disclosed by a breach notification website called vigilante.pw, contained 790,724 email records in total, alongside forum usernames and even plain-text passwords.
This data is now available to anyone who seeks it; and will most likely fall into the hands of those who will gain from promoting adult services to what would appear to be an engaged customer base. However, more worryingly, those with malicious intent could look to extort the compromised users through blackmail or threats of ransom.
Following this data breach, Brazzers now joins the list of companies which have, too, seen their customers’ data being published on the dark web such as LinkedIn, VK, Myspace and Dropbox. So what can we learn from these hacks? How can other businesses avoid finding themselves in a similar situation?
Well, firstly, this kind of hack highlights the complexity of maintaining personal privacy and security online, and keeping your customers’ private life private. Although this particular incident concerns an adult site, the flaw came from a piece of generic shared software that is also used on many other sites. Would you do your banking in a brothel? Perhaps, perhaps not. But due to all this technology and identity mixing online effectively you may not have a choice.
With generic software bugs all over the internet - combined with consumers reusing email addresses and passwords for many different purposes - there is total uncertainty about what parts of your online, and real, identity are safe, and which might be exposed to public gaze.
A recent study, conducted by the UK government, revealed two thirds of large UK businesses have been hit by cyber breach or attack in past year, with many of these going public and resulting in critical hits to both brand reputation and revenue.
This latest breach also underlines the clear requirement for advanced cyber-security techniques – such as robust encryption – that protect organisations from allowing hackers to penetrate their networks and access potentially sensitive user data.
With cyber-attacks costing businesses over two trillion every year, there has never been a more critical time for businesses to assess their data infrastructure and ensure that any sensitive of business-critical information is secured from attackers.
Today, our recent research with the Ponemon Institute has found that more businesses than ever are deploying encryption strategies to ensure the robust security of their mission-critical information. However, this Brazzers breach, along with a whole host of recent data losses, has only highlighted the need for those that haven’t deployed such technology to think long and hard about why they’re willing to take that risk. After all, safeguarding data helps to protect all-important revenue generation, as well as critical reputation management.