Data Breaches like Apollo are why we exist.

In July 2018, an open Amazon AWS S3 bucket was discovered by Vinny Troia which belonged to the sales intelligence startup Apollo (formally known as ZenProspect). The S3 bucket contained a database housing 212 million contact records, as well as nine billion data points relating to the users & their companies or organisations. Troy Hunt’s Have I Been Pwned service was kindly supplied with the 126 million unique email addresses contained within the breach by Vinny, which subsequently alerted the vast majority of the tech community to the breach.

Read more...

Security for Startups – What you need to know

Sometimes we are simply too busy grafting or deeply involved in our startups and nurturing their growth, that we forget to think about the security of our employees, our infrastructure or our code. Often it is necessary to cut a few corners & occasionally think about security a little further down the line, but it’s important that we never fully ignore it. It is this very reason that startups make for very tempting targets to the nefarious among us, where large growth equals lots of potential user data to steal.

Read more...

List of Data Breaches for 2017

Here is a list of all the data breaches that took place – or were publically notified of, in 2017. Included are a number of household names (Uber, Forever 21), as well as some lesser known businesses who process sensitive information such as resumes.

Read more...

Earlier this month we started working on a little side project after being notified of an interesting conversation on Twitter. The basic concept was using Amazon AWS S3 buckets as honey pots, which would identify when someone is doing reconnaissance against your brand or infrastructure. This seemed like quite a fun and novel idea we could turnaround in a short space of time, so we started fleshing it out.

Read more...

At Breach Insider, we see a similar story over and over again via social media and other outlets, with folks suggesting various companies may have suffered a breach due to their accounts becoming compromised, or receiving spam:

While there is the possibility that this may be the first sign of a breach, there are some other reasons why this may have happened:

Read more...