An unidentified hacker calling himself Berkut is selling more than 950,000 user accounts for the Coachella music festival, including email addresses, user names and hashed passwords, calling the info a "complete database dump from this month," Motherboard reports.
The hacker, who's offering the data for $300 on the Tochka dark Web marketplace, provided Motherboard with a sample of more than 10,000 accounts. A test of 30 of them appeared to indicate that they were genuine.
ThinAir CEO Tony Gauda told eSecurity Planet that the Coachella breach should serve as a reminder that any website that collects login credentials is a target for cyber criminals, not just Fortune 500 companies and government agencies. "Consumers who reuse email credentials are especially at risk during these attacks," he said.
Improvements in cyber security defenses at larger organizations, Gauda said, have led hackers to target lower-hanging fruit. "Anyone who registered for the music festival is now a target for highly customized phishing campaigns, opening the door for subsequent attacks and additional breaches," he said. "Until organizations take steps to secure their customers information with the same level of security they apply to their physical assets, breaches such as this one will persist."
According to a recent Pew Research Center survey of 1,040 U.S. adults, fully 64 percent of respondents have been personally impacted by a major data breach.
Sixteen percent of respondents have seen their email accounts taken over, 13 percent have seen one of their social media accounts taken over, and 15 percent have had their Social Security numbers compromised.
Just 12 percent of respondents use password management software -- 65 percent use memorization as the main or only way of keeping track of their passwords, and another 18 percent write their passwords down on a piece of paper.
A recent AnchorFree survey of more than 1,000 Hotspot Shield users found that 84 percent said they're more concerned about their online security than they were a year ago.
Fifty percent of respondents said they're more concerned about online privacy because of the increased number of devices that contain personal information, and 49 percent said they're more concerned because of recent high-profile hacks.
Leading privacy concerns, according to respondents, including having personal information stolen and sold (62 percent), and companies collecting and sharing personal information (52 percent).
"In 2017, we face a world where our lives have become largely digital, and security and privacy breaches are commonplace," AnchorFree CEO David Gorodyansky said in a statement.
Photo courtesy of Shutterstock.