Mangatoon, an online comics reading platform, suffered a massive data breach. Information on 23 million user accounts stolen from an unsecured Elasticsearch database has been exposed.
A data breach signed Pompompurin
pompompurine, a known hacker for hacking the FBI in November 2021, claimed responsibility for stealing Mangatoon data from Elasticsearch. He claims to have been able to Access to an unsecured database the open source search and analysis engine.
According to the hacker The credentials for the Elasticsearch server were very weak. This allowed him to access the data before stealing it. Pompompurin shared a sample of the stolen data with a tech-focused reference e-magazine.
Media analysts have confirmed the authenticity of the information. This is Mangaton user account information. The hacker stated that they want to publish all the stolen data.
Will my information be disclosed?
The breach dates from May. The 23 million users affected by this hack had their names, email addresses, gender or access data for social media accounts exposed.
There is a way for Mangatoon users to find out if they are affected by this data breach. You have to go was i pwned (HIBP). This is a website to check if your personal information, email and passwords have been compromised by a data breach.
To do this, HIPB collects and analyzes database dumps and pastebins containing leaked account information. All you have to do is enter your email address to proceed with the verification.
The precautions to take
For those whose personal information has been compromised, this is imperative Change passwords for all online accounts : Email, social networks and other services that require identifiers. To increase security, experts recommend using it long and strong passwords.
For example, by using three non-contiguous random words, each with at least five characters, it is possible to create such a password. The use of a password manager can also help.
And since you can never be too careful, don’t hesitate Enable multi-factor authentication if the option is available. Finally, installing protection tools on its devices and machines provides an additional layer of protection, for example in the event of a phishing attempt.