Best of Data Breach — 2025

1. 1
   Article

   The Hacker News·35w

   How One Bad Password Ended a 158-Year-Old Business

   KNP Logistics, a 158-year-old UK transport company, was forced into administration after the Akira ransomware group gained access through a weak, easily guessed employee password. The attackers encrypted critical data, destroyed backups, and demanded £5 million ransom, leading to 700 job losses. The incident highlights how basic security failures can destroy established businesses, with 45% of compromised passwords being crackable within a minute. Strong password policies, multi-factor authentication, zero-trust architecture, and tested backup systems are essential defenses against such attacks.

   105

   12
2. 2
   Article

   Community Picks·1y

   Terminal

   The post provides a collection of important external reports and articles related to cybersecurity, including the 2024 Consumer and Business Cybersecurity Assessment Reports by BitDefender, the 2023 Annual Data Breach Report by ITRC, and the 2024 DBIR Insights by Verizon. Additional resources mentioned include the FBI Internet Crime Complaint Center and the Anti-Phishing Working Group.

   71

   2
3. 3
   Article

   Tech Lead Digest·24w

   Thousands of sensitive secrets published on JSONFormatter and CodeBeautify

   WatchTowr researchers discovered over 80,000 leaked sensitive secrets on JSONFormatter and CodeBeautify platforms, including passwords, API keys, cloud credentials, and private keys from government, finance, healthcare, and telecom organizations. Users unknowingly exposed data through predictable public URLs when using "Save" features. Despite months of warnings to organizations, the leaks persist, with evidence showing attackers already scraping these platforms. The research highlights critical security negligence in how developers handle sensitive information on public code-formatting tools.

   60

   4
4. 4
   Article

   Troy Hunt·25w

   Why Does Have I Been Pwned Contain "Fake" Email Addresses?

   Have I Been Pwned (HIBP) contains seemingly "fake" email addresses because it extracts any string matching valid email format (alias@domain.tld) from breach data, without verifying if actual mailboxes exist behind them. These addresses appear in breaches because websites often store unverified email addresses in their databases before users complete email verification. The service processes 7 billion unique addresses, making individual mailbox verification impossible. The extraction logic is open source and follows RFC standards for email structure, not deliverability.

   32

   6
5. 5
   Article

   Troy Hunt·35w

   Welcoming CERN to Have I Been Pwned

   CERN, the birthplace of the World Wide Web and home to the Large Hadron Collider, has joined Have I Been Pwned as the 41st intergovernmental organization. This partnership provides CERN with free access to query breach data across all their domains, helping protect their staff from online threats. The announcement highlights CERN's unique position as an intergovernmental organization that transcends national borders while facing the same cybersecurity challenges as sovereign governments.

   24

   1
6. 6
   Article

   Dickson A.·36w

   Y Combinator Bot Secrets Leak

   Y Combinator experienced a security incident where bot secrets were compromised and exposed. The organization responded quickly to address the vulnerability, and the related GitHub issue has since been removed.

   14

   1
7. 7
   Video

   Fireship·1y

   4chan penetrated by a gang of soyjaks…

   4chan was hacked by a rival group from Soyjack.party who exploited a security vulnerability in 4chan's outdated PHP-based backend. This hack resulted in the exposure of private emails and IP logs of site janitors. The hack was performed through the uploading of malicious PostScript files, leveraging old software vulnerabilities. The incident also highlighted the importance of the CVE database in tracking software vulnerabilities.

   11

   1