Facebook revoked its session tokens after the massive breach. A team of researchers from the University of Illinois at Chicago lay out what attackers could do with those session tokens if they hadn't been reset.
Attackers exploited vulnerabilities in Facebook's code to gain access to at least 50 million Facebook user accounts. Those accounts could have been used for information gathering campaigns, as attackers had full access to the user's profile, friends list, and usage history.
The Firefox Monitor service uses data from the Have I Been Pwned database to alert people to compromises.
The list of Magecart victims gets longer as the attack group optimizes its attack code and modifies its methods to steal payment card information from unsuspecting shoppers. What's a website owner to do?
A year after the massive data breach rocked Equifax, there has been some incremental changes: new state regulations and a federal law for credit freezes. What more needs to happen to get significant improvements in data security and digital privacy?