VerticalScope experiences major data breach: 45 million records stolen

Duncan-Andison

VerticalScope has experienced a major data breach, with cybercriminals making off with over 45 million records belonging to over 1,100 websites, it has been reported.

LeakedSource, which provides detailed information on data breaches, said that some of the websites impacted by this include Techsupportforum.com, MobileCampsites.com, Pbnation.com and Motorcycle.com.

It is believed that the security incident took place in February 2016, although this has yet to be officially confirmed by VerticalScope.

The company, which specializes in “the acquisition and development of websites and online communities” across certain markets, did however say that it was “aware of a possible issue”.

Jerry Orban, vice-president of corporate development at VerticalScope, told ZDNet in an email: “We believe that any potential breach is limited to usernames, user IDs, email addresses, and encrypted passwords of our users.

“In addition, we are reviewing our security policies and practices and in response to increased internet awareness of security-related incidents … we are implementing security changes related to our forum password strength and password expiration policies across certain forum communities.”

According to LeakedSource, the severity of this data breach and the ability to extract a large trove of data suggests that VerticalScope stored its data on “interconnected or even the same servers”.

As to how exactly cybercriminals were able to access this information, there is currently little to do go on. The possibilities are numerous.

For example, cybercriminals not only have multiple tools at their disposal, but they are also able to exploit numerous flaws.

Consequently, it could have as the result of internal shortcomings – data leaking out of an organization – or through external means, such as a zero-day attack.

by Narinder Purba, ESET We Live Security


2 thoughts on “VerticalScope experiences major data breach: 45 million records stolen

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s