Recent data breach exposed 3.4 million LiveAuctioneers users’ login credentials

Exploit: Unauthorized Database Access https://portswigger.net/daily-swig/liveauctioneers-data-breach-millions-of-cracked-passwords-for-sale-say-researchers
LiveAuctioneers: Online Antiques Auction House

Risk to Small Business: 2.172 = Severe LiveAuctioneers has reported a major data breach courtesy of one of its third-party data processing partners. The company first noted the incident on July 10, 2020, after monitors spotted Dark Web posts advertising the sale of the company’s records company records of 3.4 million LiveAuctioneers users, as well as three million cracked username and password combinations.

Individual Risk: 2.172 = Severe While no financial data has been reported as compromised, the investigation is still ongoing. Those affected have been notified via email. Every user should reset their account password and be alert to potential identity theft.

Customers Impacted: 3.4 million
How it Could Affect Your Customers’ Business: Third party risk is a growing menace that’s hard for businesses to overcome. By maintaining a constant watch on Dark Web markets, businesses can get notified when credentials, including those used in accounts at third party partners, suffer a breach, lowering their risk of compromise from the stolen information.

Risk Levels:

1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk

*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.