Massive Zacks Data Breach Exposes Millions of User Accounts

Zacks Data Breach Puts Millions at Risk

Zacks Investment Research, a well-known financial research company, has reportedly suffered another massive data breach. A hacker has claimed responsibility for stealing sensitive user information in June 2024. A hacker has leaked the stolen data of around 12 million customers on a forum and is selling it for a small cryptocurrency payment.

According to reports, the stolen data contains highly sensitive information, including full names, usernames, email addresses, physical addresses, and phone numbers. In addition to customer data, the hacker also claims to have gained deep access to Zacks’ internal systems. They allegedly obtained the source code for the company’s main website, Zacks.com, along with 16 other related internal and external websites.

Cybersecurity experts have analyzed the leaked data and confirmed its authenticity. The database contains unique email addresses and passwords stored in an unsalted SHA-256 format, making them vulnerable to hacking attempts. The exposure of such sensitive information raises concerns about identity theft, phishing attacks, and other cybercrimes that could target affected users.

The incident has once again highlighted the growing risks associated with cybersecurity breaches. Companies that store large amounts of user data must implement stronger security measures to prevent such incidents. However, this breach is particularly concerning because it is not the first time Zacks has been targeted by hackers.

A History of Data Breaches in Zacks

This is not the first time that Zacks has experienced a data breach. The company has faced multiple security incidents in the past, making this latest leak even more alarming.

In January 2023, Zacks confirmed that hackers had breached its network between November 2021 and August 2022. During this period, cybercriminals gained access to personal information belonging to 820,000 customers. The stolen data included email addresses, usernames, and other sensitive details.

A few months later, in June 2023, cybersecurity experts discovered and verified another database linked to Zacks. This database contained information from 8.8 million users, including full names, email addresses, usernames, phone numbers, and passwords stored as unsalted SHA-256 hashes. The evidence suggests that hackers stole the data in May 2020, indicating that an older breach had gone unnoticed for some time.

Despite these previous breaches, the latest leak appears to be the largest in terms of the number of affected accounts. Cybersecurity researchers have warned that repeated breaches greatly increase users’ risk, as hackers can use stolen data for various malicious activities. Criminals often gather information from multiple leaks to create detailed profiles of victims, enabling identity theft, fraud, or targeted phishing attacks.

Past breaches may cause affected users to see their information resurface in new leaks, increasing their vulnerability to cyber threats. Given that Zacks has experienced multiple security incidents in recent years, it raises concerns about the effectiveness of its cybersecurity measures.

Data Added to Cybersecurity Watchlist

Have I Been Pwned (HIBP), a widely used cybersecurity tool, has added the leaked Zacks database to help individuals check if previous breaches have exposed their personal data. The service confirmed that the leaked file contains 12 million unique email addresses, along with other personal details.

One of the most concerning aspects of this breach is that roughly 93% of the email addresses found in the leaked database were already present in previous breaches. This means that much of the exposed information has likely been circulating among cybercriminals for a long time. When multiple breaches repeatedly expose data, hackers can more easily piece together complete profiles of individuals, making them more vulnerable to identity fraud and other cybercrimes.

While Zacks has not officially confirmed the latest breach, cybersecurity experts have a high degree of confidence that this is a new incident. Have I Been Pwned verified the data by analyzing it to ensure that it was not simply a collection of old leaks. If validated, this would be the third major data breach affecting the company in just four years.

The repeated breaches of Zacks’ systems highlight the growing importance of robust cybersecurity measures. Cybersecurity experts advise platform users to take immediate precautions, such as updating their passwords and staying extra cautious of suspicious emails or phone calls that could be phishing attempts.

TOP 10 TRENDING ON NEWSINTERPRETATION

The Dark Side of Magic: A Dangerous Trojan.Arcanum Targets Tarot Fans

Imagine a world where tarot cards could truly predict...

Cybersecurity Breach: 200 Million X User Records & 2.8 Billion Twitter IDs Stolen

A data enthusiast has released a huge collection of...

Google Confirms Dangerous Cyber ‘Espionage’ Attacks on Chrome Users

Google has confirmed a serious cyber threat targeting millions...

Crocodilus: The Malware That Can Empty Your Crypto Wallet in Seconds

A new type of Android malware called Crocodilus has...

Hacker Onslaught Shatters Ethereum Market with 17,000 ETH Dump!

Hackers caused chaos in the crypto world by dumping...

Russian Propaganda Machine Hits White House Press Pool Amidst Heightened Espionage Threat

Russia unknowingly paid a popular right-wing social media influencer...

Chinese Hackers Secretly Breached Asian Telecom Networks for Years Without Being Detected

A new report by cybersecurity firm Sygnia reveals that...

Massive Espionage Blunder Jeopardizes US Spying on Houthis

Leaked text messages between top US officials may have...

BlackLock’s Dirty Secrets Exposed After Researchers “Hack the Hackers”

Cybersecurity researchers hacked into the systems of a ransomware...

APT36 Hackers fakes India Post to Deploy Malware on Windows and Android

Deceptive Website Targets Windows and Android Users In a recent...

The Dark Side of Magic: A Dangerous Trojan.Arcanum Targets Tarot Fans

Imagine a world where tarot cards could truly predict...

Google Confirms Dangerous Cyber ‘Espionage’ Attacks on Chrome Users

Google has confirmed a serious cyber threat targeting millions...

Crocodilus: The Malware That Can Empty Your Crypto Wallet in Seconds

A new type of Android malware called Crocodilus has...

Hacker Onslaught Shatters Ethereum Market with 17,000 ETH Dump!

Hackers caused chaos in the crypto world by dumping...

Russian Propaganda Machine Hits White House Press Pool Amidst Heightened Espionage Threat

Russia unknowingly paid a popular right-wing social media influencer...

Massive Espionage Blunder Jeopardizes US Spying on Houthis

Leaked text messages between top US officials may have...

Related Articles

Popular Categories

error: Content is protected !!