This Week: All Eyes on the Election and Even More Dropbox Creds

Next: This Week: Hacking for Harambe and Safer Drugs...
Previous: Hack To School: Education Exploits on the Dark...
TFW even your favorite (Drop)box sometimes disappoints you.
September 02, 2016

The Terbium Analyst Team is on the front-line of combatting dark web myths and legends. Whether it's a threat report, white paper, or blog post, the Analyst Team's job is to know things and speak intelligently about them. Other interests include weightlifting, chocolate, and accumulating obscure dark web trivia to amuse and confuse our co-workers.

This week, we’re reminded once again that the electoral system is an ever-increasing target for cybercriminals, from both home and abroad. The discovery that the Illinois State Board of Election’s database was breached, causing nearly 200,000 voters’ information to be compromised, comes shortly before the revelation that Arizona’s system was also breached. The FBI believes that the attacks are linked to Russian actors and has since warned states and their election boards to examine their network traffic and remain vigilant.

Meanwhile, the credentials for over 68 million Dropbox accounts were exposed online. The information comes from a 2012 breach, and has concerned other companies who may share their user base with Dropbox. This includes Spotify, who wasted no time in actively resetting passwords for their users, citing the need to be proactive in the wake of the leak, especially given people’s tendency to re-use passwords across different sites.

Vote ‘No’ To Voter Fraud

The Illinois State Board of Elections was breached, and authorities are pointing to foreign actors. They believe the attack started in June and stopped a month later. Officials think fewer than 200,000 voters’ information was compromised. This election season continues to focus heavily on cybersecurity and cyber threats, and now is the time to be extra cautious about voter security. Voter databases contain highly sensitive information including addresses, the last four digits of Social Security Numbers, and driver’s license numbers, all of which can cause serious issues for exposed individuals. The information can be used to target the victims for theft, forgery, and quite possibly voter fraud.

After a similar attack on Arizona’s voter database by suspected Russian adversaries, the FBI issued a nationwide warning to election officials. The same IP address appeared in both attacks, leading to the conclusion that the breaches are linked. These attacks and some of the recent leaks are thought to be happening specifically to undermine the Clinton campaign and citizens’ trust of the electoral system. Since the United States is heavily involved in foreign affairs, other countries have a lot resting on this election. We can expect more breaches and breach attempts to occur leading up to the presidential election. Staying vigilant and keeping a watch for data leaks is always important, but with these attacks everyone should be cautious. Your data will never be perfectly safe, but you can encrypt emails and set up two factor authentication to access your accounts to increase data security.

Meanwhile: Please Reset Your Password

Over 68 million account credentials for Dropbox, a major file hosting and cloud storage company, were leaked online. Since the original breach in 2012, the data has been sporadically leaked, with each dump containing more information than before. Not knowing exactly how many and which accounts were compromised has made it difficult for the company and its users to accurately assess the damage of the breach.

Almost immediately after the news broke, Spotify began actively resetting passwords for many of their users. They expressed concern over the possibility of Spotify users re-using passwords across different sites, including sites whose servers have been breached.

A few days before the leak, Dropbox encouraged its users to change their passwords, claiming that doing so was purely a “preventative measure.” But following the confirmation of the data’s authenticity by third parties, Dropbox in turn acknowledged the magnitude and authenticity of the leaked data, noting that they first heard rumors about the leak two weeks ago.

As large-scale data breaches become more common, businesses need to be forthright about who and what was compromised, what they’re doing to mitigate the damage, and what their users can do in the meantime. There’s more at stake than just the accounts from this single breach; many of those people will likely have used the same credentials for their online banking and social media accounts, potentially multiplying the damage. As the situation continues to unfold, using the incident as a teachable moment benefits everyone.

One more thing:

Apple recently patented a new feature that triggers capturing and storing biometric data, images, and audio if your phone is stolen. The triggers for this feature include too many login attempts or suspicious attempts to download user information. This feature aims to keep data more secure and aid customers in finding their lost or stolen devices and information.

analysis June 24, 2019
New Research: Terbium Labs Uncovers Pervasive Links Between Fraud and Transnational Crime

Terbium Labs investigated the links between payment fraud and serious transnational crime. This research begins to fill a gap in understanding about the use of fraudulent financing in some of the most heinous crimes...

analysis April 17, 2019
Terbium Labs Investigates Dark Web Fraud Guides for an Inside Look on Cyber Crime

With our latest research, Fraud Guides 101: Dark Web Lessons on How to Defraud Companies and Exploit Data, Terbium Labs investigates dark web fraud guides to create a detailed, first-hand account of the illicit...