{"id":5214,"date":"2021-01-21T13:12:30","date_gmt":"2021-01-21T17:12:30","guid":{"rendered":"https:\/\/solutionsreview.com\/identity-management\/?p=5214"},"modified":"2021-01-21T13:12:30","modified_gmt":"2021-01-21T17:12:30","slug":"identity-management-experts-commentary-on-the-pixlr-data-exposure","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/identity-management\/identity-management-experts-commentary-on-the-pixlr-data-exposure\/","title":{"rendered":"Identity Management Experts’ Commentary on the Pixlr Data Exposure"},"content":{"rendered":"

\"Identity<\/p>\n

A yet-unknown hacker yesterday exposed nearly 2 million (1.9 million) user records stolen from online photo editing application Pixlr. The stolen data, including email addresses, login names, and SHA-512 hashed passwords, was leaked onto a hacker forum.\u00a0<\/span><\/p>\n

Obviously, the fallout from this attack could prove devastating. To find out what enterprises can do to secure their users\u2019 identities<\/a>, we reached out to multiple cybersecurity experts. Here\u2019s what they had to say about the Pixlr exposure.\u00a0<\/span><\/p>\n
Widget not in any sidebars
\n

Expert Commentary on the Pixlr Data Exposure<\/b><\/h2>\n

Nathanael Coffing<\/b><\/h3>\n

Nathanael Coffing is CSO at <\/span><\/i>Cloudentity<\/span><\/i><\/a>.<\/p>\n

\u201cWith hundreds of thousands of user emails and login credentials exposed in this breach, users are at great risk of credential stuffing and\/or phishing attacks. It doesn\u2019t take much for bad actors to cross-reference the compromised data with previously breached records and create accurate profiles of the breach victims. Hackers already have access to previously stolen data on the dark web, which allows them to easily weaponize this free information for their own malicious gain and target users\u2019 financial or healthcare information.<\/span><\/p>\n

To avoid future database breaches of a similar nature, organizations need to implement strong methods of secure authorization for all users. To ensure sensitive information is safeguarded, enterprises must implement continuous contextual, fine-grained authorization on the API level, in addition to multi-factor authentication (MFA). By taking these proactive measures to authenticate users and protect their data, organizations can avoid data breaches and the negative consequences that come along with them.\u201d<\/span><\/p>\n

Anurag Kahol<\/b><\/h3>\n

Anurag Kahol is CTO at <\/span><\/i>Bitglass<\/span><\/i><\/a>.<\/p>\n

\u201cNow that millions of user records are circulating on a hacker forum, threat actors can easily leverage the information for highly targeted phishing attacks and identity theft. Additionally, it\u2019s concerning that login credentials were included amongst the compromised information, particularly because reusing passwords across multiple accounts is a common and unsafe practice. This means that if a cyber-criminal gains access to a user’s password, she or he can potentially use it to gain access to other accounts belonging to that user across multiple services.\u00a0<\/span><\/p>\n

While end-users are encouraged to diversify passwords across their accounts, most are slow to change their habits, which has implications for enterprise cybersecurity. Consequently, organizations must proactively defend their data against leakage and authenticate their users to ensure that they are who they say they are. Organizations can enforce real-time authentication and access control as well as manage the sharing of data with external parties through robust and flexible solutions such as multi-factor authentication (MFA) and data loss prevention (DLP). With these solutions in place, companies can maintain full control over sensitive data, while ensuring the privacy and security of their users.\u201d\u00a0<\/span><\/p>\n

Saryu Nayyar<\/b><\/h3>\n

Saryu Nayyar is CEO of <\/span><\/i>Gurucul<\/span><\/i><\/a>.<\/p>\n

\u201c<\/span>While the revelation of details on almost two million Pixlr user accounts did not include financial information, it did include password hashes and enough information to be valuable for an attacker to launch carefully crafted spear-phishing attacks, or a cast-netting attack against the Pixlr user base.\u201d<\/span><\/p>\n

Robert Prigge<\/b><\/h3>\n

Robert Prigge is CEO of Jumio<\/a>.<\/span><\/i><\/p>\n

\u201cPixlr\u2019s breach, which exposed usernames, email addresses, and hashed passwords, puts 1.9 million users at risk of being victimized for fraud. Cyber-criminals can use this breached user data to access accounts set up with this information (including banking portals, social media accounts, healthcare sites, and more). Simply resetting passwords is no longer an efficient method to keep user accounts safe. It\u2019s time online businesses stop relying on usernames and passwords to protect accounts. Instead, organizations can implement a more secure alternative like biometric authentication (leveraging a person\u2019s unique human traits to verify identity), which allows online organizations to confirm the authorized user is the one logging in and ensures their personal data is safe from malicious actors.\u201d<\/span><\/p>\n

<\/div>\n

Thanks to these identity management experts for their time and expertise. To learn more, check out our Identity Management Buyer’s Guide<\/a>.<\/p>\n
Widget not in any sidebars
\n","protected":false},"excerpt":{"rendered":"

A yet-unknown hacker yesterday exposed nearly 2 million (1.9 million) user records stolen from online photo editing application Pixlr. The stolen data, including email addresses, login names, and SHA-512 hashed passwords, was leaked onto a hacker forum.\u00a0 Obviously, the fallout from this attack could prove devastating. To find out what enterprises can do to secure […]<\/p>\n","protected":false},"author":41,"featured_media":4537,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[5,1],"tags":[142,125,56,1013,16,112,1522,1204,76,425,1169,30,1615],"acf":[],"yoast_head":"\nIdentity Management Experts' Commentary on the Pixlr Data Exposure<\/title>\n<meta name=\"description\" content=\"A yet-unknown hacker yesterday exposed nearly 2 million (1.9 million) user records stolen from online photo editing application Pixlr. The experts weigh in.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/identity-management\/identity-management-experts-commentary-on-the-pixlr-data-exposure\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ben Canner\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/identity-management-experts-commentary-on-the-pixlr-data-exposure\/\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/identity-management-experts-commentary-on-the-pixlr-data-exposure\/\",\"name\":\"Identity Management Experts' Commentary on the Pixlr Data Exposure\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/identity-management-experts-commentary-on-the-pixlr-data-exposure\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/identity-management-experts-commentary-on-the-pixlr-data-exposure\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/08\/new-hacker-image-resize-compressed.jpg\",\"datePublished\":\"2021-01-21T17:12:30+00:00\",\"dateModified\":\"2021-01-21T17:12:30+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\"},\"description\":\"A yet-unknown hacker yesterday exposed nearly 2 million (1.9 million) user records stolen from online photo editing application Pixlr. The experts weigh in.\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/identity-management-experts-commentary-on-the-pixlr-data-exposure\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/identity-management\/identity-management-experts-commentary-on-the-pixlr-data-exposure\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/identity-management-experts-commentary-on-the-pixlr-data-exposure\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/08\/new-hacker-image-resize-compressed.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/08\/new-hacker-image-resize-compressed.jpg\",\"width\":800,\"height\":400,\"caption\":\"Morgan Stanley Suffers Data Breach Due to Third-Party Attack\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/identity-management-experts-commentary-on-the-pixlr-data-exposure\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/identity-management\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Identity Management Experts’ Commentary on the Pixlr Data Exposure\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#website\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/\",\"name\":\"Best Identity Access Management (IAM) Software, Tools, Vendors, Solutions, & Services\",\"description\":\"Identity Access Management (IAM) News, Best Practices and Buyer's Guide\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/identity-management\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\",\"name\":\"Ben Canner\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"caption\":\"Ben Canner\"},\"description\":\"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/author\/bcanner\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Identity Management Experts' Commentary on the Pixlr Data Exposure","description":"A yet-unknown hacker yesterday exposed nearly 2 million (1.9 million) user records stolen from online photo editing application Pixlr. The experts weigh in.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/identity-management\/identity-management-experts-commentary-on-the-pixlr-data-exposure\/","twitter_misc":{"Written by":"Ben Canner","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/identity-management\/identity-management-experts-commentary-on-the-pixlr-data-exposure\/","url":"https:\/\/solutionsreview.com\/identity-management\/identity-management-experts-commentary-on-the-pixlr-data-exposure\/","name":"Identity Management Experts' Commentary on the Pixlr Data Exposure","isPartOf":{"@id":"https:\/\/solutionsreview.com\/identity-management\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/identity-management\/identity-management-experts-commentary-on-the-pixlr-data-exposure\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/identity-management\/identity-management-experts-commentary-on-the-pixlr-data-exposure\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/08\/new-hacker-image-resize-compressed.jpg","datePublished":"2021-01-21T17:12:30+00:00","dateModified":"2021-01-21T17:12:30+00:00","author":{"@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541"},"description":"A yet-unknown hacker yesterday exposed nearly 2 million (1.9 million) user records stolen from online photo editing application Pixlr. The experts weigh in.","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/identity-management\/identity-management-experts-commentary-on-the-pixlr-data-exposure\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/identity-management\/identity-management-experts-commentary-on-the-pixlr-data-exposure\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/identity-management\/identity-management-experts-commentary-on-the-pixlr-data-exposure\/#primaryimage","url":"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/08\/new-hacker-image-resize-compressed.jpg","contentUrl":"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/08\/new-hacker-image-resize-compressed.jpg","width":800,"height":400,"caption":"Morgan Stanley Suffers Data Breach Due to Third-Party Attack"},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/identity-management\/identity-management-experts-commentary-on-the-pixlr-data-exposure\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/identity-management\/"},{"@type":"ListItem","position":2,"name":"Identity Management Experts’ Commentary on the Pixlr Data Exposure"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/identity-management\/#website","url":"https:\/\/solutionsreview.com\/identity-management\/","name":"Best Identity Access Management (IAM) Software, Tools, Vendors, Solutions, & Services","description":"Identity Access Management (IAM) News, Best Practices and Buyer's Guide","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/identity-management\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541","name":"Ben Canner","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","caption":"Ben Canner"},"description":"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.","url":"https:\/\/solutionsreview.com\/identity-management\/author\/bcanner\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts\/5214"}],"collection":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/users\/41"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/comments?post=5214"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts\/5214\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/media\/4537"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/media?parent=5214"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/categories?post=5214"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/tags?post=5214"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}