Recently, multi-platform media and entertainment company Mashable reported it suffered a data breach; leaked readers’ information was discovered in a leaked database posted online. The information appears to have been stolen from social media sign-in features.
The leaked information contains full names, locations, email addresses, genders, IP addresses, and links to social media profiles. While the company appears to have some idea of the identity of its attacker, it did not disclose their suspicions in a public statement. According to Mashable, no password information nor financial information was stolen, and all affected accounts were disabled as a precaution.
The Mashable Data Breach can teach enterprises quite a bit. Here’s what the experts had to say.
What the Mashable Data Breach Can Teach Us
Saryu Nayyar
Saryu Nayyar is the CEO of Gurucul.
“The Mashable breach represents another case where potentially important data has fallen into the attacker’s hands. While there were apparently no passwords or financial information revealed, the personal information such as email address, names, locations, etc., could be very useful for an attacker looking to do targeted phishing emails or social engineering attacks.
“There is always a lot of attention on breaches that reveal passwords or financial information, but there is a lot of other personal information an attacker can leverage, especially when they take the time and effort to engage in social engineering attacks. That’s why even organizations that don’t hold confidential PII need to keep their cybersecurity stack up to date, including behavioral analytics, to identify novel attacks before they turn into major data breaches.”
Dan Piazza
Dan Piazza is the Technical Product Manager of Stealthbits.
“Although it took Mashable a few days to confirm the breach, their straightforward response is commendable. They confirmed the breach, outlined what data was stolen, stressed that Mashable doesn’t store financial data, and offered comfort that they don’t believe any password data was breached. If these details remain the extent of the breach, and additional concerns don’t come to light later, then this is a good example of how organizations should handle PR in the event of a data breach.”
Thanks to the experts for their time and expertise. Learn more about securing your own business in our SIEM Buyer’s Guide.
Widget not in any sidebars
Ben Canner
Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.
- The Best SOAR Solutions to Consider in 2024 - February 1, 2024
- The Best Managed Detection and Response Vendors to Consider in 2024 - January 2, 2024
- 4 Best Cybersecurity Courses Available on Udacity in 2024 - December 20, 2023
