Freecycle confirms massive data breach impacting 7 million users
Freecycle, an online forum dedicated to exchanging used items rather than trashing them, confirmed a massive data breach that affected more than 7 million users.
The nonprofit organization says it discovered the breach on August 30th, weeks after a threat actor put the stolen data for sale on a hacking forum on May 30, warning affected people to switch passwords immediately.
The stolen information includes usernames, User IDs, email addresses, and MD5-hashed passwords, with no other information exposed, according to Freecycle.
From screenshots shared by the threat actor who is selling the stolen information, the credentials of Freecycle founder and executive director Deron Beal were stolen in the incident, giving the threat actor full access to member information and forum posts
"On August 30th we became aware of a data breach on Freecycle.org. As a result, we are advising all members to change their passwords as soon as possible," Beal warned in a notification added to the homepage.
"We apologize for the inconvenience and would ask that you watch this space for further pending background."
Freecycle data up for sale (BleepingComputer)
Those using the same credentials on other online services were also advised to change them to prevent account breaches.
To reset your Freecycle password, you can use one of two methods:
- From your profile's settings and scrolling down to the Password Reset section
- From the password reset page via email
Users should be aware of delays (up to one hour) affecting the password reset process via email because Freecycle's "email system is very busy at this time."
After being made aware of the data breach, Freecycle said that it also reported the incident to the appropriate authorities.
"While most email providers do a good job at filtering out spam, you may notice that you receive more spam than usual," users were cautioned.
"As always, please remain vigilant of phishing emails, avoid clicking on links in emails, and don't download attachments unless you are expecting them."
Freecycle boasts a user base comprising nearly 11 million members from more than 5,300 local towns worldwide.
Source: bleepingcomputer.com
Bạn cũng có thể quan tâm
John&Partners, LLC. Cybersecurity
7443 Brompton, Houston, Texas 77025 , USA