A significant security incident has impacted a webmail provider, leading to the exposure of approximately 1 million user records.
The data breach compromised highly sensitive information, including usernames, email addresses, password hashes, IP addresses, and critically, private keys used to access user email accounts. The exposure of these private keys is particularly alarming, as it could potentially allow unauthorized access to the contents of affected users’ inboxes.
Analysis suggests that the password hashes stored were potentially using weak hashing algorithms, making them more vulnerable to cracking attempts. This combination of exposed data presents a substantial risk to the affected individuals, increasing the likelihood of account compromise, phishing attacks, and other forms of cybercrime. Users of the affected service are advised to be extremely cautious regarding any suspicious communications and consider the potential impact of this exposure.
Source: https://www.bleepingcomputer.com/news/security/hacker-steals-1-million-cockli-user-records-in-webmail-data-breach/
