Freecycle.org, a platform that allows users to recycle their belongings, has prompted millions of users to reset their passwords after their credentials were compromised in a data breach.
The non-profit organization, which is based in the US but operates in the UK as well, says it identified the incident on August 30, and it has started sending notifications to its users.
“The breach of data includes usernames, User IDs, email addresses and passwords,” Freecycle says in an incident notice on its website. The passwords were hashed, the platform said in the email notification sent to users, a copy of which was posted on social media.
According to the organization, no other personal information aside from the exposed credentials was compromised during the incident.
“We are advising all members to change their passwords as soon as possible. We apologize for the inconvenience and would ask that you watch this space for further pending background,” a message from Freecycle Network’s executive director Deron Beal reads.
The organization provides detailed instructions on how users can reset their passwords and advises them to make sure that any reused passwords are reset on all other online platforms as well.
Following the data breach, Freecycle says, users might start receiving more spam in their mailboxes. The leaked data may also be used in phishing attacks.
What the organization has not revealed, however, was how the attackers gained access to its systems or how many of its approximately 11 million users might be impacted.
According to screenshots that the alleged Freecycle hacker posted two months ago, more than 7 million individuals might have been affected by the incident. The hacker reportedly used stolen credentials to access the data.
Freecycle says it has informed the relevant authorities in the UK and the US about the data breach.
Related: Sourcegraph Discloses Data Breach Following Access Token Leak
Related: 500k Impacted by Data Breach at Fashion Retailer Forever 21
Related: 10 Million Likely Impacted by Data Breach at French Unemployment Agency
More from Ionut Arghire
- Generative AI Startup Nexusflow Raises $10.6 Million
- Researchers Extract Sounds From Still Images on Smartphone Cameras
- Hackers Set Sights on Apache NiFi Flaw That Exposes Many Organizations to Attacks
- Cloudflare Users Exposed to Attacks Launched From Within Cloudflare: Researchers
- FBI Warns Organizations of Dual Ransomware, Wiper Attacks
- Lumu Raises $30 Million for Threat Detection and Response Platform
- Cisco Warns of IOS Software Zero-Day Exploitation Attempts
- Russian Zero-Day Acquisition Firm Offers $20 Million for Android, iOS Exploits
Latest News
- Bankrupt IronNet Shuts Down Operations
- AWS Using MadPot Decoy System to Disrupt APTs, Botnets
- Generative AI Startup Nexusflow Raises $10.6 Million
- In Other News: RSA Encryption Attack, Meta AI Privacy, ShinyHunters Hacker Guilty Plea
- Researchers Extract Sounds From Still Images on Smartphone Cameras
- National Security Agency is Starting an Artificial Intelligence Security Center
- CISA Warns of Old JBoss RichFaces Vulnerability Being Exploited in Attacks
- Hackers Set Sights on Apache NiFi Flaw That Exposes Many Organizations to Attacks
