Data Breach

In February 2019, The Register reported on a trove of information dumps being sold on the dark web. This collection contained details from approximately 16 sources, one of them being Bookmate, a social ebook subscription service. The Bookmate breach specifically contained 4 million rows of email addresses, names, dates of birth, gender, and salted SHA-512 password hashes. The Bookmate breach, along with 7 previously confirmed by ZeroFOX in the Register report, has been made available to the general public, while other dumps have yet to be disclosed.

Recommendations

• Enable 2-factor authentication for all of your organizational accounts to help mitigate phishing and credential stuffing attacks
• Remain alert to potential spear phishing attacks through email and social media.

Details

Bookmate is number 8 out of the 16 breaches from The Register report that have been disclosed to the public. The 1.7 GB data dump was for sale for $572 on the dark web. When The Register reached out to the company, they did not respond to a request for comment.

• Author
• Recent Posts

Kevin Kinsella

President and CEO at The Chaos Group of Canada

Kevin Kinsella is a physical penetration tester and information security consultant. He has over 20 years’ experience in corporate & cyber security and specializes in Threat Risk Assessments, Corporate Counterintelligence, and Red Teaming & Alternative Analysis.

Latest posts by Kevin Kinsella (see all)

• Threat Monitoring & Alerting Service - July 6, 2020
• Just Breathe: Helping The Community Better Understand & Manage PTSD (OSI) - July 1, 2019
• Happy Fathers Day - June 16, 2019

60

SHARES

Share on Facebook

Share on Tweet

Follow us

Share

Share

Share

Share

Share