Hack Notice

Hack Notice: Ster-Kinekor

Ster-Kinekor

Source
http://blog.roguecode.co.za/sterkinekor-vulnerability-download-millions-accounts
Description
Ster-Kinekor had a vulnerability in their site/api that allowed anyone to get the profile details of every single user in their system. Those details included names, addresses, phone numbers, and plain text passwords (amongst a draw of other fields that you canful insure below). To be clear, this wasnt a hard thing to encounter at all, and from Ster-Kinekors side, it was just pure negligence. Not only did the API hand off details to anyone, they were also storing password in their database in plaintext (and returning those to the client!).

About HackNotice and Ster-Kinekor

HackNotice is a service that notices trends and patterns in publically available data so as to identify possible data breaches, leaks, hacks, and other data incidents on behalf of our clients. HackNotice monitors data streams related to breaches, leaks, and hacks and Ster-Kinekor was reported by one of those streams. HackNotice may also have the breach date, hack date, the hacker responsible, the hacked industry, the hacked location, and any other parts of the hack, breach, or leak that HackNotice can report on for the consumers of our product.

If you are a user of Ster-Kinekor their products, services, websites, or applications and you were a client of HackNotice, monitoring for Ster-Kinekor you may have been alerted to this report about Ster-Kinekor . HackNotice is a service that provides data, information, and monitoring that helps our clients recover from and remediate data breaches, hacks, and leaks of their personal information. HackNotice provides a service that helps our clients know what to do about a hack, breach, or leak of their information.

If Ster-Kinekor had a transgress of consumer data or a data leak, then there may be additional actions that our clients should have to protect their digital identity. data breaches, hacks, and leaks often trail to and do identicalness theft, account take overs, ransomware, spyware, extortion, and malware. account takeovers are often caused by credential reuse, watchword reuse, easily guessed passwords, and are facilitated by the sharing of billions of credentials and other customer information through data leaks, as the direct result of data breaches and hacks.

HackNotice monitors trends in publically available data that indicates tens of thousands of data breaches each year, along with billions of records from data leaks each year. On behalf of our clients, HackNotice works to monitor for hacks that leading to lower client security and digital identities that experience been exposed and should be considered vulnerable to attack. HackNotice works with clients to distinguish the extent that digital identities have been exposed and provides remediation suggestions for how to handgrip each type of exposure.

HackNotice monitors the hacker community, which is a network of individuals that portion data breaches, hacks, leaks, malware, spyware, ransomware, and many other tools that are often used for financial fraud, account have overs, and further breaches and hacks. HackNotice monitors the hacker community specifically for breaches, hacks, and data leaks that suffer consumers. HackNotice applies industry specific knowledge and advanced security practices to monitor for trends that indicate breaches, hacks, and exposed digital identities.

HackNotice also enables clients to part hack notices with their friend, family, and collogues to assist increase awareness around alleged hacks, breaches, or data leaks. HackNotice works to provide clients with sharable reports to help growth the security of our clients personal network. The security of the people that our clients interact with directly impacts the layer of security of our clients. Increased exposure to accounts that have been taken over by hackers leads to further account take overs through phishing, malware, and other attach techniques.

If you found this drudge notice to be helpful, then you may live interested in reading some additional cut notices such as:

n a computer otherwise accessible from the Internet without proper information security precautions,aches involve overexposed and vulnerable unstructured data  files, documents, and sensitive informa, and sensitive information. According to the nonprofit consumer organization privateness Rights Cl

Digimon

WPSandbox

Facepunch