A major data breach has impacted the online survey platform SurveyLama, putting the sensitive data of over four million individuals at risk. The breach, which occurred in February of this year, was confirmed by the company to Troy Hunt, the creator of the well-known website Have I Been Pwned?, which tracks email addresses exposed in data breaches.
What Happened:
Unknown attackers gained unauthorised access to SurveyLama’s database, compromising users’ names, dates of birth, email addresses, IP addresses, passwords, phone numbers, and postal addresses. This breach leaves users vulnerable to identity theft and phishing scams.
Implications for Users:
SurveyLama rewards its users for completing surveys, making them potential targets for phishing emails. While passwords were stored in encrypted forms (salted SHA-1, bcrypt, and argon2 hashes), some could still be susceptible to brute-force attacks, especially those hashed with SHA-1, which has known vulnerabilities. Users are strongly advised to update their passwords immediately as a precautionary measure.
Protective Measures:
SurveyLama has reportedly notified affected users via email about the breach. However, users should remain cautious of any suspicious emails, particularly those promising rewards in exchange for quick action. Although the stolen information has not yet been publicl
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.