fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

NetGalley Discloses Data Breach After Website Was Hacked

NetGalley Discloses Data Breach After Website Was Hacked

The NetGalley book promotion site has suffered a data breach that allowed threat actors to access a database with members’ personal information.

NetGalley is a website that allows authors and publishers to promote digital review copies of their books (galleys) to book advocates, influential readers, and industry professionals in the hopes that they will recommend the books to their audience.

On Monday, December 21st, NetGalley’s website was hacked and defaced. After further investigations, it was determined that the threat actors also accessed a backup for the site’s database containing members’ data.

“It is with great regret that we inform you that on Monday, December 21, 2020 NetGalley was the victim of a data security incident. What initially seemed like a simple defacement of our homepage has, with further investigation, resulted in the unauthorized and unlawful access to a backup file of the NetGalley database,” NetGalley disclosed in a data breach advisory.

This backup database included NetGalley members’ personal information, including their login name, password, name, and email address. Other optional information that could have been in the database includes users’ mailing address, birthday, company name, and Kindle email address.

NetGalley states that there was no financial information stored in the database. In response to the breach, NetGalley requires all users to reset their password when they next log in.

Also Read: A Look at the Risk Assessment Form Singapore Government Requires

BleepingComputer has reached out to NetGalley with questions on whether the passwords were hashed in the database but has not heard back.

What should NetGalley users do?

If you are a NetGalley member, you should immediately log in to the site and change your password.

If you use the same NetGalley password at other sites, you should also change the password at those sites to a unique and strong one for that site.

Using unique passwords at every site you have an account prevents a data breach at one site from affecting you at other websites you use.

It is suggested that you use a password manager to help you keep track of unique and robust passwords at every site.

Also Read: How to Send Mass Email Without Showing Addresses: 2 Great Workarounds

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us