Wayback Machine Compromised, Discord Blocked in Russia and Turkey: Your Cybersecurity Roundup
Wayback Machine Compromised in Data Breach and DDoS Attack
The Internet Archive, a non-profit organization known for its “Wayback Machine” web archiving tool, has suffered a significant breach and DDoS attack. Threat actors stole a user authentication database containing 31 million unique records, including email addresses, usernames, hashed passwords, and password change timestamps.
The stolen data was confirmed by security researcher Scott Helme, who found that his exposed record matched his password manager entry. The Internet Archive has acknowledged the breach and is taking steps to address it, including disabling the malicious JavaScript library used by the attackers and implementing security upgrades.
However, the organization also faces ongoing DDoS attacks, which have taken down the archive.org and openlibrary.org websites. The DDoS attacks are believed to be unrelated to the data breach.
Discord Blocked in Russia and Turkey Over Illegal Activity
Discord, a popular communication platform, has been blocked in Russia and Turkey due to violations of local laws. The platform has been used for various purposes, including gaming, community building, and professional networking. However, it has also become a hub for illegal activities, such as cybercrime and the dissemination of harmful content.
The Russian government blocked Discord due to its alleged use for terrorist and extremist purposes, recruitment, and drug sales. The Turkish government blocked the platform following a court decision related to child abuse and obscenity content.
Users in both countries have reported difficulties accessing Discord without using a VPN or proxy. While some VPNs work effectively, others may be blocked or lead to legal consequences.
The blocks on Discord have sparked protests and discussions about internet censorship and freedom of expression in both countries. As the situation evolves, it remains to be seen how Discord will address these challenges and whether the platform will be restored in Russia and Turkey.
FTC Fines Marriott Hotels $52 Million for Data Breaches
The Federal Trade Commission (FTC) has fined Marriott International $52 million and required the company to implement stricter data security measures to settle charges over multiple data breaches that occurred between 2014 and 2020.
The breaches affected over 334 million customers and exposed personal information such as passport details, credit card numbers, dates of birth, email addresses, and loyalty numbers. The FTC found that Marriott failed to maintain adequate security practices, leading to the unauthorized access of customer data.
As part of the settlement, Marriott has agreed to implement various security measures, including multifactor authentication, password controls, firewall controls, and network segmentation. The company will also conduct regular security audits and provide training to its employees on data security best practices.
Additionally, Marriott will give customers the option to delete their personal information and restore stolen rewards points. The FTC’s action aims to ensure that Marriott improves its data security practices and protects customer information going forward.
