If last week was the week where I felt like I was drowning in data that was still being processed, this week was the week where it came to light. Not all of it, mind you, I've still got ginormous volumes I'm disclosing but it certainly was a whole heap of it. There are some real zingers in there too in terms of how the breaches went down and were handled, have a listen to that and more in this week's update (oh - and hear how happy I am about the way HIBP handled this week's massive traffic spike ?).
- The Slickwraps breach got really messy (who ever knew the world of consumer device wraps was so brutal!)
- Straffic takes out the award for most woeful data breach disclosure notice, possibly ever (and they also siphoned up and marketed a heap of personal data the owners never knew they had)
- OnlyFans is "a British social media platform popular with influencers, porn actors, and sex workers" and they've had a heap of data spread around the web (looks like all media files rather than user records)
- For the life of me, I can't tie this breach back to a source (that's the tweet thread and a sample of the data - my data - see if you can figure out where it's from)
- I was pretty happy with the way HIBP held up during this week's massive traffic spike (no loss of requests and next to no cost ?)
- 1Password is this week's blog sponsor (still my favour security tool - possibly tool of any kind - ever!)