Data Breach

In February 2019, The Register reported on a trove of information dumps being sold on the dark web. This collection contained details from approximately 16 sources, one of them being Bookmate, a social ebook subscription service. The Bookmate breach specifically contained 4 million rows of email addresses, names, dates of birth, gender, and salted SHA-512 password hashes. The Bookmate breach, along with 7 previously confirmed by ZeroFOX in the Register report, has been made available to the general public, while other dumps have yet to be disclosed.

Recommendations

• Enable 2-factor authentication for all of your organizational accounts to help mitigate phishing and credential stuffing attacks
• Remain alert to potential spear phishing attacks through email and social media.

Details

Bookmate is number 8 out of the 16 breaches from The Register report that have been disclosed to the public. The 1.7 GB data dump was for sale for $572 on the dark web. When The Register reached out to the company, they did not respond to a request for comment.

• About
• Latest Posts

Kevin Kinsella

President and CEO at The Chaos Group of Canada

Kevin Kinsella is a physical penetration tester and information security consultant. He has over 20 years’ experience in corporate & cyber security and specializes in Threat Risk Assessments, Corporate Counterintelligence, and Red Teaming & Alternative Analysis.

Latest posts by Kevin Kinsella (see all)

• What makes a good risk management program? Making good decisions, and having good people, processes. and technology. - August 15, 2022
• Happy Canada Day! - July 1, 2022
• Merry Christmas and happy holidays from the The Chaos Group of Canada - December 24, 2021

Share on Facebook

Share on Tweet