Another Word For It Patrick Durusau on Topic Maps and Semantic Diversity

May 14, 2016

Consent/Anonymised Data Concerns For Nulled.io?

Filed under: Cybersecurity,Security — Patrick Durusau @ 10:06 pm

Famous Nulled.io Hacking Forum Suffers Devastating Data Breach by Catalin Cimpanu.

From the post:


According to security firm Risk Based Security, the leaked data was offered as a 1.3 GB tar archive that decompressed to a 9.45 GB db.sql file, which was a database dump of the entire forum’s database.

Everything from user accounts to private messages, and from VIP forum posts to financial transactions were included. More precisely, the data contained 536,064 user accounts, 800,593 user personal messages, 5,582 purchase records, and 12,600 invoices.

For each user, leaked data included his forum username, email address, hashed password, join date, IP records, and other forum-related tidbits such as titles and post counts.

Crime investigation agencies are most likely to be interested in this leak since it also includes 907,162 authentication logs with geolocation data that will allow them to tie various criminal activity to IPs, forum usernames, and email addresses.

I am waiting to see Oliver Keyes, OKCupid data and Scientific Censorship, ride in to condemn this unknown hacker for breaching the privacy of the users of Nulled.io and for the data not being anonymised.

Or in Oliver’s words on another data breach:

…this is without a doubt one of the most grossly unprofessional, unethical and reprehensible data releases I have ever seen.

I wonder where this one ranks?

Considering that criminal charges are a distinct possibility from the data breach?

I haven’t looked at the data, yet, but if hackers failed to take steps to conceal their identities on a site devoted to hacking, user education on security may be a lost cause.

No Comments

No comments yet.

RSS feed for comments on this post.

Sorry, the comment form is closed at this time.

Powered by WordPress