BreachExchange mailing list archives
An Alert System for Security Breaches
From: security curmudgeon <jericho () attrition org>
Date: Thu, 20 Sep 2012 01:16:27 -0500 (CDT)
---------- Forwarded message ---------- From: InfoSec News <alerts () infosecnews org> http://bits.blogs.nytimes.com/2012/09/19/an-alert-system-for-security-breaches/ By NICOLE PERLROTH The New York Times September 19, 2012 It was, no doubt, the year of the security breach. Hackers breached LinkedIn, LastFM.com, eHarmony, Yahoo and other sites, then posted customers? usernames, passwords, e-mail addresses and device IDs to the Internet for all to see. In most cases, the consumers had to dig through hackers? data dumps to find out what, if any, of their information had been compromised, then scurry to change their log-in credentials across many sites. Now, with breaches on the rise, some companies have started offering customers new services to save them the trouble. LastPass, a service for managing passwords, said on Tuesday that it had partnered with PwnedList, a database of leaked usernames and passwords, to alert customers if a Web site was breached and if their information was included in the data dump. The company will perform daily scans of PwnedList?s database of 24 million (and growing) publicly leaked usernames and passwords and alert customers by e-mail if a domain was breached, if their log-in information was compromised and if they used the same password for the breached Web site elsewhere. In a blog post, LastPass said it planned to offer its alert system, called LastPass Sentry, free. [...] _______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://datalossdb.org/mailing_list Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) Risk Based Security equips organizations with security intelligence, risk management services and on-demand security solutions to establish customized risk-based programs to address information security and compliance challenges. Tenable Network Security (http://www.tenable.com/) Tenable Network Security provides a suite of solutions which unify real-time vulnerability, event and compliance monitoring into a single, role-based, interface for administrators, auditors and risk managers to evaluate, communicate and report needed information for effective decision making and systems management.
Current thread:
- An Alert System for Security Breaches security curmudgeon (Sep 20)