Questions tagged [data-breaches]

7 questions
2
votes
1 answer

What should I do if my sensitive information is potentially leaked?

I sold an laptop recently, but didn’t care to do a secure erase to make sure there wasn’t any data left. After a long time, I suddenly realized that I shouldn’t have be so careless and began to worry about my data since it could be easily recovered.…
1
vote
2 answers

Effective ways to hash phone numbers?

Suppose a company wants to implement 2FA for it's users using phone number OTP system, but does not really want to store their phone numbers as it could get breached and phone numbers are considered private. What they intend to do is store some kind…
1
vote
1 answer

Can Identity Theft Protection Services Get Hacked?

I recently was dumbfounded by a question whether identity theft protection services can get hacked. Me and my family we're T-Mobile customers in the US and after the recent T-Mobile hack we got free Identity Theft Protection from McAfee for two…
0
votes
0 answers

Were Heroku's standard git repositories accessible by April 2022 attacker?

In their communication about the april 2022 breach (summary here), Heroku mentioned that organizations with the Heroku Github integration got their source code potentially accessed by the attacker. Indeed the attacker had acquired OAuth tokens,…
0
votes
0 answers

Why are environment variables safe after 2022 Heroku breach?

In their communication about the april 2022 breach (summary here), Heroku states that environment variables (other than Review apps and CI variables) were safe because they are encrypted at rest. We also wanted to address a question regarding…
0
votes
0 answers

My email listed in a breach on sites I do not recognize ever sign into. What happen?

I use Firefox Monitor to keep me updated if my email ever turn up on breaches or data dumps. It curates breaches data from many sources and cross reference our email to check if our email turn up on some breach somewhere. For sometimes I feel…
bluearth
  • 111
  • 2
0
votes
0 answers

How bad is it if HaveIBeenPwned reports pwned accounts that aren't mine?

Just for kicks, I recently entered my email in HaveIBeenPwned, figuring that there have been enough data breaches in enough places over the years that it would probably turn up something just by the law of averages. And I saw something very…
Mason Wheeler
  • 1,625
  • 1
  • 11
  • 15