In February 2024, the popular online survey platform SurveyLama suffered a data breach. The incident leaked the personal information of more than 4.4 million users, putting their private and sensitive data at risk. It appears to be one of the largest data breaches of early 2024.
Incident Overview
The data leak was first discovered in early February, when unknown attackers gained access to the company’s servers. The leak was the result of a complex series of events, including the exploitation of a vulnerability in SurveyLama’s security system. The leaked data included users’ birth dates, email addresses, IP addresses, full names, passwords, phone numbers, and physical addresses. Survey results were also compromised, potentially breaking the anonymity of participants’ responses.
One of the most troubling aspects of the leak is the disclosure of passwords stored as salted SHA-1, bcrypt, or argon2 hashes. Hashing is a relatively secure way of storing passwords, but salted SHA-1 is a fast, general-purpose hash with known weaknesses, so its use raises concerns that those passwords could be recovered from the leaked data.
Have I Been Pwned in Leak Disclosure
Have I Been Pwned, or HIBP for short, played a key role in uncovering and analyzing the leak. Its maintainers were notified of the issue by one of the affected users and independently verified the data leak. Information about the affected accounts was also added to the HIBP database, allowing users to check whether their data was affected.
Recommendations
SurveyLama and other experts strongly recommend that SurveyLama users immediately reset their passwords. This applies not only to the SurveyLama platform but also to any other sites where the same credentials were used. This precaution is necessary to prevent attackers from gaining access to users’ other online accounts.
Data breaches can happen to any service, even a large and well-known one, unfortunate as that is. Users are forced to respond reactively, and speed of reaction is what matters. Be vigilant for suspicious activity and keep up with breach news. Following these instructions is common sense in modern cybersecurity.