Exploit: Compromised password hashing algorithm
Emuparadise: Retro gaming emulator website
Risk to Small Business: 1.555 = Severe: HAn outdated, compromised password hashing algorithm was exploited by hackers, causing user data to be compromised. Although the data breach took place on April 1, 2018, the damage was only recently revealed when accounts were provided to HavelBeenPwned. By failing to update their cybersecurity standards, Emuparadise will now face reputational erosion and incur significant costs associated with interrupted business processes and recovery.
Individual Risk: 2 = Severe: Emuparadise users can search HavelBeenPwned to view the status of their credentials. For those compromised, hackers gained access to email addresses, IP addresses, usernames, and passwords. Impacted individuals should be mindful that their credentials could be compromised, and they should be especially careful about using duplicate passwords on other services.
Customers Impacted: 422,600
How it Could Affect Your Customers’ Business: A data breach predicated on outdated security standards is an unnecessary and self-inflicted wound that is entirely avoidable. Instead, every organization should routinely evaluate their cybersecurity standards, ensuring that they reflect industry standard best practices.
Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
