Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Wednesday, 7 June, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Fintech Unicorn Dave Suffers Data Breach: 7.5 Million User Records Exposed

by Sabina
July 28, 2020
in Cyber Bites
Dave_fintech_logo
Share on FacebookShare on Twitter

LA-based fintech unicorn Dave has confirmed a security compromise that resulted in 7,516,625 user records being exposed. On Saturday, ZDNet reported that it was tipped off by a reader who noticed that a hacker was offering the Dave app’s user data on RAID, a hacking forum that has built a reputation for being the go-to place for hackers to leak databases.

It appears that attackers were able to access the database through the network of a former third party – analytics platform Waydev.

The company said it has already plugged the hacker’s point of entry and is in the process of notifying customers of the incident. According to best practices, Dave app passwords are also being reset after being exposed.

Security vendor CrowdStrike and federal authorities are investigating the breach.

Commenting on the news, Tarik Saleh, senior security engineer and malware researcher at DomainTools, emailed IT Security Guru to comment: “This breach demonstrates the importance of vetting third parties’ security stance and implementing security best practices across the entire supply chain. This is not the first time, nor will it be the last, that cybercriminals circumvent an organisation’s security measures by individuating the weakest link and exploiting it as an entry point.”

“It is essential for companies to design their environment with least privilege in mind and to review the access permissions they grant on a regular basis,” he added.

FacebookTweetLinkedIn
ShareTweet
Previous Post

Microsoft, Adobe, Lenovo and Nintendo’s Source Code Exposed In Public Repository Leak

Next Post

National Cardiovascular Partners (NCP) Notifies Patients of Data Breach

Recent News

Standard post, logos of brands, headshot.

J Brand: The Challenges of Putting Mental Health First in an Unfamiliar Industry

June 6, 2023
iPad with Anxiety written on it in capitals.

Half of UK Employees Suffer From “Sunday Scaries”

June 6, 2023
UK Organisations lack clear path to achieve threat intelligence

UK Organisations lack clear path to achieve threat intelligence

June 6, 2023
A Roadmap for Becoming a Penetration Tester in 2023

A Roadmap for Becoming a Penetration Tester in 2023

May 31, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information