Author Topic: Oh no — I've been pwned again!  (Read 330 times)

Big Frank

  • NRA Benefactor Member
  • Top Forum Member
  • *****
  • Posts: 9892
  • DRTV Ranger
  • Liked:
  • Likes Given: 1203
Oh no — I've been pwned again!
« on: June 24, 2024, 01:03:17 PM »
I just got this email today, and verified it at have i been pwned. If I tell my friend's wife, she'll probably say it's my fault for visiting porn sites that causes my information to keep showing up on the dark web, when it's clearly someone else's fault again. Just like the other 10 times I've been pwned in data breaches. 

https://haveibeenpwned.com/

Here's what's known about the breach:
"It may be laid down as a primary position, and the basis of our system, that every Citizen who enjoys the protection of a free Government, owes not only a proportion of his property, but even his personal services to the defence of it, and consequently that the Citizens of America (with a few legal and official exceptions) from 18 to 50 Years of Age should be borne on the Militia Rolls, provided with uniform Arms, and so far accustomed to the use of them, that the Total strength of the Country might be called forth at a Short Notice on any very interesting Emergency." - George Washington. Letter to Alexander Hamilton, Friday, May 02, 1783

THE RIGHT TO BUY WEAPONS IS THE RIGHT TO BE FREE - A. E. van Vogt, The Weapon Shops of Isher

Big Frank

Re: Oh no — I've been pwned again!
« Reply #1 on: August 09, 2024, 06:48:14 PM »
My Hotmail account has been pwned for the 1st time. That's better than my Comcast email where I've been pwned in 11 data breaches. A "breach" is an incident where data has been unintentionally exposed to the public.

Not SOCRadar: In August 2024, over 332M rows of email addresses were posted to a popular hacking forum. The post alleged the addresses were scraped from cybersecurity firm SOCRadar, however an investigation on their behalf concluded that "the actor merely utilised functionalities inherent in the platform's standard offerings, designed to gather information from publicly available sources". There is no suggestion the incident compromised SOCRadar's security or posed any risk to their customers. In total, the data set contained 282M unique addresses of valid email address format.

Compromised data: Email addresses


Here's SOCRadar’s Response to the USDoD’s Claim of Scraping 330 Million Emails.


SOCRadar’s Response to the USDoD’s Claim of Scraping 330 Million Emails

Recently, a threat actor identified as USDoD posted a claim on an online forum, alleging the breach and leak of over 330 million email addresses, supposedly attributed to SOCRadar. This prompted an immediate investigation by SOCRadar’s security team.

What Exactly Happened in This Incident?

The investigation revealed that SOCRadar’s internal systems were not breached. The threat actor acquired a license from SOCRadar under a legitimate company name, providing access to the platform similar to any other customer. With this account, the actor could search for well-known domain names, collect Telegram channel names, and crawl these channels to harvest email addresses.

It is important to note that no technical vulnerabilities in the SOCRadar platform were exploited. The actor merely utilized functionalities inherent in the platform’s standard offerings, designed to gather information from publicly available sources. This incident highlights a significant issue in information ethics and security: distinguishing between legitimate use and potential misuse.

Is There a Risk to SOCRadar’s Customers?

Following an in-depth analysis of the situation, it has been determined that no access was granted to customer data or critical information. Our findings confirm no data breach involving our customers or SOCRadar’s internal systems.

While the collected data does not present an immediate risk, we maintain close contact with law enforcement and closely monitor the situation as it evolves.

Which Data Was Allegedly Leaked?

The threat actor used our platform to identify Telegram channel names and subsequently crawled these channels to collect email addresses. We have verified that these email addresses were sourced from publicly accessible channels.

How Did the Threat Actor Access the Data?

The threat actor purchased a Dark Web license using a legitimate company account, granting them access to SOCRadar’s platform like any other customer. While technically compliant with our Terms of Service, this method did not adhere to our intended use policies.

Was There a Breach of SOCRadar’s Security Systems?

Our comprehensive investigation concluded that SOCRadar’s security systems were not breached and no vulnerabilities were exploited. The threat actor utilized our platform by the Terms of Service but in a manner that did not align with our intended use policies.

Why Are Cybersecurity Companies Like SOCRadar Targeted?

Cybersecurity vendors, including KnowBe4, CrowdStrike, and SOCRadar, have recently faced increased attacks from threat actors. These companies are leaders in the fight against cyber threats and enhancing cybersecurity for organizations, making them prime targets for malicious actors seeking to exploit their resources.

What Measures Has SOCRadar Taken in Response?

In response to this incident, SOCRadar is conducting a comprehensive security review. This includes enhancing our monitoring systems to detect anomalies and reinforcing the security of our platform to prevent misuse of legitimate features that could lead to unauthorized actions.

What Should SOCRadar’s Customers and Partners Do?

Currently, no specific actions are required from our customers or partners.

What is SOCRadar’s Commitment Moving Forward?

SOCRadar remains committed to our clients’ security and privacy. We are taking proactive measures, including upgrading our monitoring and access controls, to prevent future misuse.

We also collaborate with law enforcement to ensure all necessary actions are taken. We value transparency and will keep our clients and the security community updated with any significant developments.

A detailed post-mortem analysis report has been prepared for SOCRadar customers and partners. Those wishing to access the report can request it by emailing info@socradar.io.


https://socradar.io/socradars-response-to-the-usdods-claim-of-scraping-330-million-emails/
