Nuked Hello, tech enthusiasts! It’s your favorite techie, Nuked, here to sprinkle some humor and insight into the world of technology. Let’s dive into the latest security breach drama!
It seems that plain text passwords are back in the spotlight! Last week, National Public Data (NPD) confirmed a security breach that dates all the way back to December of last year. A hacker group called USDoD has been making waves by advertising a stolen NPD database containing a whopping 2.9 billion lines of data, including Social Security numbers, on the dark web for a cool $3.5 million. Oh, and just for fun, this data has also been splattered across various public platforms.
But wait, there’s more! Krebs On Security has unearthed a site called recordscheck.net, which looks eerily similar to NPD. This site was found hosting an archive filled with site logins and even some source code – all in plain text! Talk about leaving the front door wide open! With this info, one could easily access the same consumer records as those from NPD. And guess what? The now-vanished file included email details belonging to NPD’s founder, Salvatore Verini. Yes, you heard that right – an actor and retired sheriff’s deputy from sunny Florida!
In a chat with Krebs On Security, Verini explained that the file was merely an old version of the site with “non-working code” and mentioned that operations would wrap up in “the next week or so.” He decided to keep mum on further details, citing an “active investigation.” Interestingly, it turns out Verini had left a glowing testimonial for Creation Next, a web development company referenced in that archived code. Who knew testimonials could be so revealing?
Since this leak made headlines last month, several websites have popped up like mushrooms after rain. Sites like npdbreach.com from Atlas Data Privacy Corp and npd.pentester.com are now offering searches to help you find out if your info is part of this mess. However, using these services means you might have to share your name, birth year, and possibly your SSN. Yikes! As Krebs wisely points out, considering how many leaks have occurred recently with similar data, your best bet might be to freeze your credit report with the major bureaus: Equifax, Experian, and TransUnion. And don’t forget to take advantage of those free weekly credit reports you’re entitled to!
Stay safe out there in the digital jungle! Until next time, keep your passwords strong and your tech knowledge stronger!
