mood Posted March 6, 2021 Share Posted March 6, 2021 Fortune 500 Company Adecco Group Suffers Data Breach Fortune 500 global recruitment firm Adecco Group suffered a data breach affecting users from six South American countries. Darknet forums enable cybercriminals to promote their hacking skills and trade stolen digital assets to other threat actor groups in the community. A large amount of compromised sensitive information is being dumped across various hacking forums regularly. Recently, security experts from Cybernews discovered an unknown hacker allegedly selling stolen credentials belonging to Adecco Group. Headquartered in Switzerland, Adecco Group is a Fortune 500 global human resource and temporary staffing company. The database kept for sale contained over five million records from six Latin American/South American countries: Peru, Brazil, Argentina, Colombia, Chile, and Ecuador. The Leaked Data The data dump, which was later taken down by the hacker, supposedly contained different categories of data: “Candidatos_datos_personales” (candidates’ personal data) with 4,543,938 lines “Candidatos_candidatos_by_email” with 3,763,836 lines “Candidatos_login” with 5,321,943 lines In common, all the categories exposed candidates’ sensitive information including full name, gender, marital status, birth dates, email addresses, passwords, and country of residence. The Impact While it is unclear why the post was taken down by the threat actor, Cybernews suspects that the database was sold out. The data could be misused for various malicious purposes, including: Targeted spear-phishing attacks Collecting and spamming users’ emails and phones Brute-forcing users’ other online accounts Mitigation Measures Cybernews also recommended certain security measures for users whose data may have been compromised in the security incident. These include: Change your passwords immediately. You should be using a unique password for each account you create. Add two-factor authentication (2FA) on your most sensitive accounts, including your primary email account. That way, even if a bad actor were able to uncover your credentials, they wouldn’t be able to get into your account. Watch out for suspicious emails, as they may be phishing attempts. Avoid clicking on links from suspicious emails. Watch out for suspicious activity on your financial accounts and set up identity theft monitoring. Researchers suspected that the latest security incident appears to be from the same threat actors responsible for the recent VPN leaks, in which cybercriminals traded three databases that contained user credentials and device data from three Android Virtual Private Network (VPN) services – SuperVPN, GeckoVPN, and ChatVPN. Source: Fortune 500 Company Adecco Group Suffers Data Breach Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.