News and Updates on Information Technology

United States – LiveAuctioneers

Exploit: Unauthorized Database Access 
LiveAuctioneers: Online Antiques Auction House 

Risk to Small Business: 2.172 = Severe

LiveAuctioneers has reported a major data breach courtesy of one of its third-party data processing partners. The company first noted the incident on July 10, 2020, after monitors spotted Dark Web posts advertising the sale of the company’s records company records of 3.4 million LiveAuctioneers users, as well as three million cracked username and password combinations. 

Individual Risk: 2.172 = Severe

While no financial data has been reported as compromised, the investigation is still ongoing. Those affected have been notified via email. Every user should reset their account password and be alert to potential identity theft.  

Customers Impacted: 3.4 million

How it Could Affect Your Customers’ Business: Third party risk is a growing menace that’s hard for businesses to overcome. By maintaining a constant watch on Dark Web markets, businesses can get notified when credentials, including those used in accounts at third party partners, suffer a breach, lowering their risk of compromise from the stolen information.

Source
https://portswigger.net/daily-swig/liveauctioneers-data-breach-millions-of-cracked-passwords-for-sale-say-researchers