Data from ShareThis.com Breach Appeared on Dark Web
Table of Contents
- By David Lukic
- Published: Feb 05, 2021
- Last Updated: Mar 18, 2022
ShareThis is a technology company that makes plugins and apps to share web content on social media. Earlier this year, The Register published an article claiming that 16 companies had been hacked, and databases with more than 620 million accounts were being sold on the dark web. ShareThis was listed as one of the companies. The ShareThis.com breach affected 41 million users, and hackers got away with names, email addresses, some dates of birth, and hashed passwords. The cybercriminal boasted of his treasure trove on the dark web and offered the entire package of all 41 companies’ data for less than $20,000 in bitcoin. The story in the Register stated that the passwords could be decrypted and then the usernames/password combos used on other sites for the same users. Potentially, the ShareThis breach could have far-reaching consequences.
When Was the ShareThis.com Breach?
News of the ShareThis breach surfaced in February of 2019, but the hacker implied that the database pilfering took place during 2018. ShareThis has done their own investigative research and thinks that the actual data breach occurred in July of 2018.
Cybersecurity forensic experts are scouring ShareThis’ systems for how the breach occurred, but they have come up empty-handed. So now they are trying to find ways to secure their networks better. However, if they are unaware of how it occurred in the first place, it might be difficult to trust them to keep things safe in the future.
How to Check if Your Data Was Exposed in ShareThis Breach
ShareThis deactivated every account that was breached by this incident. So, if you have a ShareThis account, you will no longer be able to log in until you change the password. Additionally, they set up this informational page to help victims with more information and a contact email address if you have further questions inquiries@sharethis.com.
What to Do if Your Victim of ShareThis Data Breach
If your account was included in the ShareThis data breach, you would first want to make sure your account password has been reset. A lot of people use the same passwords on different websites. If you do, change those passwords as well and use a complex combination of letters, symbols, and numbers. You should also take the following precautions:
- Change your passwords for logins associated with banks and credit cards.
- Sign up for credit monitoring with a good company.
- Run a full scan of your computer to be sure you were not scammed or infected with a virus or malware.
Can My ShareThis Data Breach Information be Used to Steal my Identity?
The data stolen from ShareThis can absolutely be used to steal your identity. Since piles of information are showing up on the dark web daily, this new data paired with other batches can piece together your entire life. All that data in the hands of cybercriminals equals disaster. Not only can they steal your identity, many of them use the information to trick you with scam or phishing emails, so you will click a link (which looks legitimate), but now your computer is infected with a virus or ransomware. Sometimes these hackers take you to websites that look just like the real thing and ask you to log in or verify details, and instead of accessing your account, you have handed over more information to criminals. You cannot be too careful these days.
What to Do to Protect Yourself Against Cybercriminals
Although we cannot control how companies use and protect our information, we can take steps to protect ourselves and keep our identities safe.
- Never give out more information than you need to, especially online.
- Do not use the same passwords on multiple sites (no matter how tempting it might be). Always use long, complex passwords and store them in a password vault, so you only have to remember a single password.
- Carefully monitor your bank and credit card statements each month to look for suspicious charges.
- Keep all your devices updated with the latest operating system patches and antivirus software; run scans often.
- NEVER click links in an email or download attachments.
