350,000+ Personal Data Exposed After Preen.Me Attack

350,000+ Personal Data Exposed After Preen.Me Attack

It’s the rare business that can survive without marketing and social media efforts, so when a social media marketing company like Preen.Me comes under a cyber attack, it invariably adversely affects many, many interested parties. And with Preen.Me’s recent hack, that’s exactly what happened. Over 100,000 social media influencers have had their personal data stolen because of their connection to Preen.Me. In addition, over 250,000 social media users have had their personal data exposed on a deep web hacking forum from their use of ByteSizedBeauty, a Preen.Me application.

While Preen.Me primarily focuses their marketing efforts on beauty-related content, meaning many other types of businesses were spared, that does not provide any comfort to those whose primary business is related to personal care. Preen.Me boasts big-name customers such as Unilever, Revlon, St. Ives, and Neutrogena, who in turn interact with large customer bases. 

In this post, we will outline how the attack was discovered, the data involved, and discuss the level of sophistication that hackers and data thieves can employ in their efforts to exploit, steal from, and harass innocent parties.

The Discovery  

RBS, a world-renowned leader in cyber security, first discovered the Preen.Me leak on June 6, 2020 after they noted a known threat actor posting a message on a deep web forum about their recent hacking efforts. The attack was confirmed by the actor on the same day when they shared stolen information from 250 beauty influencers on PasteBin. PasteBin is a content hosting website service that allows users to store text on their site for set periods of time. The hacker also threatened to release the personal information of 100,000 records he/she acquired. However, as of this date those records do not seem to have been released.

The Data at Risk 

The affected clients of Preen.Me are social media influencers involved in the beauty industry. Of course, their social media efforts lead them to collect information about their followers as well. Information from both side of the equation were affected, with the threat actor exposing personal information of the media influencers such as home addresses, phone numbers, email addresses, names, and social media links. In addition, some of these social media influencers have over a half million followers, potentially exposing their information as well.  

Further Exploitation

It wasn’t enough to steal such a large amount of data to potentially hold Preen.Me for a ransom amount. On June 8th, the hacker released detailed information of the over 250,000 users of Preen.Me’s application, ByteSizedBeauty. The details include their Facebook name, ID, URL, and friend’s list, along with their Twitter ID and name. Personal information was also leaked, including their email address(es), date of birth, home address, eye color, and skin tone. 

Also found in the stolen database dump, were 100,000 user authentication tokens for social media, along with a small number of possible password hashes, and a data table consisting of over 250,000 records containing user names, email addresses, customer names, and auto-generated passwords. 

Doxing so many users of Preen.Me’s marketing tools and applications leaves all of them exposed to significant issues with spam, harassment, and especially identity theft. It remains to be seen if the hacker has accomplished their entire “mission” or if they are planning to further exploit Preen.Me and/or their clients. 

A Cautionary Tale 

Preen.Me’s recent attack is a cautionary tale for every other entity that uses the world wide web. Hackers can take very personal information and hold it for ransom, or they can release it on the dark web and allow others to commit further criminal acts against innocent affected parties. Organizations must take technology security seriously and understand their security efforts are not just protecting their own data, but the private data of clients who entrust them oftentimes with very personal information.

If you would like to know more about how to protect your business and the sensitive data of your clients from cyber hackers, please contact us.

The Marriott Breach – We Now Know Everything

Marriott Breach Impacts Millions
Marriott Breach Affects Millions

Consumers and many employers suffered a significant blow with the massive data breach recently revealed by Marriott International Hotels. Their hacked data included personal information from nearly half a billion guests. Marriott’s reservation system for their Starwood line of hotels exposed personal data including guest names, passport numbers, phone numbers, email and mailing addresses, along with some credit card information which included the encryption software that could decode the stolen numbers. Along with the enormous number of travelers affected, the fact that the data breach went undetected for approximately four years is particularly disturbing.

In addition to all the Starwood hotels, other affected hotels included Four Points by Sheraton, Tribute Portfolio, Westin Hotels, The Luxury Collection, Sheraton, Design Hotels, Aloft, Element, W Hotels, St. Regis, and Le Méridien. While the mechanism the hackers used to accomplish their heist is still unknown, there are a few things concerned companies can do that may help them avoid issues in the future, particularly if they had any interaction with the affected hotels.

Change Marriott-Related Passwords

As many as 50% of people use passwords that are at least 5 years old. Even if any company interaction with an affected hotel occurred earlier than 2014, it’s time to change all old passwords. For any Marriott passwords shared with other entities, those shared password should be updated as well. It’s also time for companies to seriously consider establishing a standard of using two-factor authentication, along with a password management tool if their corporate devices will allow it. Companies should also establish a standard of changing passwords at regular intervals, such as every 6 months or perhaps even more frequently.

Have a Backup and Disaster Recovery Plan 

Even small businesses are becoming increasingly dependent upon company data. One of the best ways to protect vital corporate data is to have an established and tested backup and disaster recovery plan. In the event a company’s data is held for ransom, they can breathe easier knowing they can restore one of their most vital assets.

Hire Professionals

Large companies can afford to have multiple teams dedicated to protecting their data resources. Small to medium-sized businesses rely on their data just as much, but cannot necessarily afford to hire dedicated staff. This is where a Managed Service Provider can step in and fill the gap. A professional MSP can evaluate a small company and find their security gaps. They can then create a complete security solution, including a backup and disaster recovery plan for their client.

If you would like to know more about how we can develop a complete security plan for your company, please contact us.

Marriott Breach Impacts Millions

Marriott Breach Impacts Millions
Marriott Breach Affects Millions

The Marriott International breach has had its online reservation system hacked and only now are we learning the true extent of the damage it has caused for consumers who have put their information into this database. First estimates state that over 500,000 million customers have had their names put into the data system. Other sensitive information has also been put into the system including their telephone numbers, addresses, credit card numbers, and their preferred guest account information.

Marriott International is now advising all customers to follow the following steps to help protect their information after their system was infiltrated:

  1. Customers need to set new passwords on their accounts. 21% of Marriott International guests are using a password that is at least 10 years old and 50% have a password that is at least 5 years old. Change your password every 30 to 180 days for the maximum protection available.
  2. Use a safe, appropriate network with secure locations where their information is less likely to get hacked than if they just connect from any remote location. 
  3. Implement an appropriate system that will help you implement a backup a plan and disaster recovery plan. Customers need to have a plan in place in case the user’s data was affected by the attack with the intent of being used for ransom. 

These are the 3 key steps that Marriott International is asking customers to take to help protect their data in the future in case another attack were to happen. Changing passwords now can also prevent the hackers from being able to access that information again to use it for malicious intent in the future.

Creating a Safer Business Atmosphere

The Small Business Administration estimates that about 45% of businesses who lose data vital to their operations never fully recover from that loss. As technologies improve, this number will only increase. It’s vital that businesses begin protecting themselves today to avoid the pain of the loss tomorrow. We now live in a generation where you can’t trust that your data is simply “safe as it is”. There is more cybercriminal activity than ever before and more people that would do your information harm if they got the opportunity to do so.

For more information on protecting your business from cyber thieves please feel free to contact us at 4 Corner I.T. for further assistance. 

How Easy Is It for Someone to Nab Your Password?

How Easy Is It for Someone to Nab Your Password?

Network World recently came out with a list of people sent to jail in 2013 for computer crimes, whether it was stealing passwords or hacking into a system to obtain and then sell sensitive information.

Sometimes, the hackers involved demonstrated technical expertise.  Other times, the cyber-criminals didn’t have to make use of any sophisticated IT knowledge in order to access people’s private accounts and networks. 

One example is a man who was able to illegally access the private emails of celebrities simply by asking for the password to be reset and then answering security questions using publicly available knowledge about these famous people.

As the owner of a small or medium-sized business, you may already have some security measures in place, such as Firewalls and anti-virus programs, to reduce the chances of someone breaching your cyber-defenses and gaining access to your network and various private accounts. 

But don’t overlook the rather simple ways hackers can succeed in stealing your password.

Consider the following issues:

  • Is your password really simple? Sometimes a hacker would be able to figure out your password just by knowing certain things about you, particularly if you use common words or facts about yourself (e.g. the password is your last name, birthday, etc.).  Among hundreds of thousands of passwords stolenfrom social media accounts at the end of last year, an alarming number were ‘123456’ or words like ‘admin.’  Make sure your passwords are long and complex enough.
  • What kinds of password recovery options do you have in place? Do your security questions have obvious answers that people could look up through a simple Internet search? To give an example of one precaution, some people use deliberately false information as the answers to their security questions.
  • In your business, who has access to certain passwords? Don’t discount the possibility of irresponsible or malicious actions undertaken by an employee (or ex-employee).

Given that your passwords are the keys to your network and to your sensitive information, you’ll need to come up with a comprehensive strategy for protecting them, not only from theft by malware or from phishing.  

Contact us to discuss your security vulnerabilities and come up with ways to better safeguard your passwords.

3 Ways that Hackers Steal Data from Small and Medium Businesses

3 Ways that Hackers Steal Data from Small and Medium Businesses

It used to be that hackers stole the data on your computer network by sending malware to your system. But you and other owners of small and medium businesses got wise to these methods by installing a firewall and security software. These digital measures went a long way in reducing nefarious attempts at theft.

But hackers got wise. They now steal data by tricking you into physically revealing important information. The following are just three of the methods they like to use.


Phishing gets you to reveal your confidential data such as passwords, credit card numbers, or Social Security number by faking an entirely legitimate website.

You may think you’re signing into your financial institution, retirement account, or government department. In actuality, hackers are showing you counterfeit pages so you can give them your private data. The quickest way to uncover such chicanery is to look at the text listed in the address bar of the site, also known as a URL. If it bears no resemblance to the title of the site or its agency, then your on a fake page.

For example, “.gov” is the ending of any U.S. government website. If the address shows “SocialSecurity.COM,” then the page is not affiliated with the government at all.

Fake Emails

Few people are going to accidentally stumble onto a phishing site, especially if they manually type in the correct address. Hackers bring you to their web pages by giving you a link, which they reveal in a fake email. You receive a message, purporting to be from a legitimate company, asking you to sign into the site to confirm information.

To be helpful, the email contains a link, which you click to reach the phishing site. To guard against this, never click on an email link. Instead, manually browse the site in question by typing its URL in the address bar. You can then independently confirm if the company is wanting your information.

Fake Dialog Boxes

You probably have dozens, if not hundreds, of programs and widgets on your system to help you run your business. So if you receive a dialog box asking you to update existing software, you simply click the OK button.

You think you’re automatically setting up the latest version of a program. Instead, you may either be taken to a phishing site or release malware onto your system. Use the same response as with fake emails. Ignore the link and manually browse the update site to confirm that it’s real.

Guarding against data theft is something you must do constantly. The hackers only have to succeed once to damage your business. For more ways to protect your network, please contact us.