{"id":24939,"date":"2024-07-22T07:10:13","date_gmt":"2024-07-22T15:10:13","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2024\/07\/22\/news-18669\/"},"modified":"2024-07-22T07:10:13","modified_gmt":"2024-07-22T15:10:13","slug":"news-18669","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2024\/07\/22\/news-18669\/","title":{"rendered":"Heritage Foundation data breach containing personal data is available online"},"content":{"rendered":"\n<p>The Heritage Foundation this month <a href=\"https:\/\/www.scmagazine.com\/brief\/heritage-foundation-denies-siegedsec-hack\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">denied<\/a> that it had suffered an earlier system breach and the subsequent leaking of internal data. But the organization had to admit that cybercriminals gained access to an archive of Heritage&#8217;s affiliated media site, The Daily Signal, dating back to 2022. That archive reportedly contained content of Heritage and non-Heritage contributors&#8217; personal information.<\/p>\n<p>Either way, a Malwarebytes review of the data shows over half a million usernames and passwords.<\/p>\n<p>At the heart of the back-and-forth claims are an alleged breach against the Heritage Foundation that SiegedSec, a politically motivated group, <a href=\"https:\/\/theintercept.com\/2024\/07\/09\/gay-furry-hackers-claim-credit-for-hacking-heritage-foundation-over-project-2025\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">claimed to have carried out on July 2, 2024<\/a>.<\/p>\n<p>The group said it released the data in response to Heritage Foundation\u2019s Project 2025, a set of proposals that aim to give Donald Trump a set of ready-made policies to implement if he wins this fall\u2019s election in the United States.<\/p>\n<p>The stolen data includes email addresses, usernames, passwords, phone numbers, IP addresses, full names, and may contain other compromised user details.<\/p>\n<p>SiegedSec also claimed to have over 200 gigabytes of additional \u201cmostly useless\u201d data, which they do not intend to release.<\/p>\n<p>The discrepancy in the claims lies in the fact that SiegedSec said it obtained passwords and other user information for \u201cevery user\u201d of a Heritage Foundation database. Heritage responded in saying that:<\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u201cAn organized group stumbled upon a two-year-old archive of The Daily Signal website that was available on a public-facing website owned by a contractor.\u201d<\/p>\n<\/blockquote>\n<p>A possible cause for the discrepancy is an <a href=\"https:\/\/techcrunch.com\/2024\/04\/12\/heritage-foundation-cyberattack\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">earlier cyberattack<\/a> on the Heritage Foundation in April of 2024 which resulted in a shutdown of the organization\u2019s network to prevent further malicious activity. But the nature of that attack is unclear and it is impossible to say whether any data was stolen.<\/p>\n<p>Some sources, however, have reported that it was in fact a ransomware attack by the Play Group, which means that an attempt to steal data is still a possibility.<\/p>\n<p><strong>Protecting yourself after a data breach<\/strong><\/p>\n<p>There are some actions you can take if you are, or suspect you may have been, the&nbsp;<a href=\"https:\/\/www.malwarebytes.com\/blog\/personal\/2023\/09\/involved-in-a-data-breach-heres-what-you-need-to-know\">victim of a data breach<\/a>.<\/p>\n<ul>\n<li><strong>Check the vendor\u2019s advice.<\/strong>&nbsp;Every breach is different, so check with the vendor to find out what\u2019s happened and follow any specific advice they offer.<\/li>\n<li><strong>Change your password.<\/strong>&nbsp;You can make a stolen password useless to thieves by changing it. Choose a&nbsp;<a href=\"https:\/\/www.malwarebytes.com\/computer\/how-to-create-a-strong-password\" target=\"_blank\" rel=\"noreferrer noopener\">strong password<\/a>&nbsp;that you don\u2019t use for anything else. Better yet, let a&nbsp;<a href=\"https:\/\/www.malwarebytes.com\/what-is-password-manager\" target=\"_blank\" rel=\"noreferrer noopener\">password manager<\/a>&nbsp;choose one for you.<\/li>\n<li><strong>Enable two-factor authentication (2FA).<\/strong>&nbsp;If you can, use a FIDO2-compliant hardware key, laptop or phone as your second factor. Some forms of&nbsp;<a href=\"https:\/\/www.malwarebytes.com\/glossary\/multi-factor-authentication-mfa\" target=\"_blank\" rel=\"noreferrer noopener\">two-factor authentication (2FA)<\/a>&nbsp;can be phished just as easily as a password. 2FA that relies on a FIDO2 device can\u2019t be phished.<\/li>\n<li><strong>Watch out for fake vendors.<\/strong>&nbsp;The thieves may contact you posing as the vendor. Check the vendor website to see if they are contacting victims and verify the&nbsp;identity of anyone who contacts you&nbsp;using a different communication channel.<\/li>\n<li><strong>Take your time.<\/strong>&nbsp;Phishing attacks often impersonate people or brands you know, and use themes that require urgent attention, such as missed deliveries, account suspensions, and security alerts.<\/li>\n<li><strong>Consider not storing your card details<\/strong>. It\u2019s definitely more convenient to get sites to remember your card details for you, but we highly recommend not storing that information on websites.<\/li>\n<li><strong>Set up identity monitoring.<\/strong>&nbsp;<a href=\"https:\/\/go.cyrus.app\/MN4j\/fkkekmw9\" target=\"_blank\" rel=\"noreferrer noopener\">Identity monitoring<\/a>&nbsp;alerts you if your personal information is found being traded illegally online, and helps you recover after.<\/li>\n<\/ul>\n<p><strong>Check your exposure<\/strong><\/p>\n<p>Even if you were not amongst the victims of the Heritage leak, it\u2019s likely you\u2019ve had other personal information exposed online in previous data breaches. You can check what personal information of yours has been exposed with our Digital Footprint portal. Just enter your email address (it\u2019s best to submit the one you most frequently use) to our&nbsp;<a href=\"https:\/\/www.malwarebytes.com\/digital-footprint\">free Digital Footprint scan<\/a>, and we\u2019ll give you a report.<\/p>\n<div class=\"wp-block-malware-bytes-button mb-button\" id=\"mb-button-7ba16f0b-04e8-4679-9512-2f21a0971dcf\">\n<div class=\"mb-button__row u-justify-content-center\">\n<div class=\"mb-button__item mb-button-item-0\">\n<p class=\"btn-main\"><a href=\"https:\/\/www.malwarebytes.com\/digital-footprint?utm_source=blog&amp;utm_medium=social&amp;utm_campaign=b2c_pro_acq_fy25dfplaunch_171269600960&amp;utm_content=V1\"><\/a><a href=\"https:\/\/www.malwarebytes.com\/digital-footprint\">SCAN NOW<\/a><\/p>\n<\/div>\n<\/div>\n<\/div>\n<hr class=\"wp-block-separator has-alpha-channel-opacity is-style-wide\" \/>\n<p><strong>We don&#8217;t just report on threats &#8211; we help safeguard your entire digital identit<\/strong>y<\/p>\n<p>Cybersecurity risks should never spread beyond a headline. Protect your\u2014and your family&#8217;s\u2014personal information by using <a href=\"https:\/\/www.malwarebytes.com\/identity-theft-protection\">identity protection<\/a>.<\/p>\n<hr class=\"wp-block-separator has-alpha-channel-opacity is-style-wide\" \/>\n<h2 class=\"wp-block-heading\" id=\"h-summer-mega-sale\">Summer mega sale<\/h2>\n<p>Go into your vacation knowing you&#8217;re much more secure: This summer you can get a huge <a href=\"https:\/\/try.malwarebytes.com\/summer-mega-sale\/blog\"><strong>50%\u00a0off\u00a0a Malwarebytes Standard subscription<\/strong> or <strong>Malwarebytes Identity bundle<\/strong><\/a>. Run, don&#8217;t walk!<\/p>\n<div class=\"wp-block-buttons is-content-justification-center is-layout-flex wp-container-core-buttons-is-layout-1 wp-block-buttons-is-layout-flex\">\n<div class=\"wp-block-button\"><a class=\"wp-block-button__link has-white-color has-blue-background-color has-text-color has-background has-link-color wp-element-button\" href=\"https:\/\/try.malwarebytes.com\/summer-mega-sale\/blog\/\"><strong>SAVE 5<\/strong>0<strong>% TODAY<\/strong><\/a><\/div>\n<\/p><\/div>\n<p><a href=\"https:\/\/www.malwarebytes.com\/blog\/news\/2024\/07\/heritage-foundation-data-breach-containing-personal-data-is-available-online\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p> Data from the Heritage Foundation containing at least half a million passwords and usernames are available online  <\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[22604,8579,32,5897,31708],"class_list":["post-24939","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-foundation","tag-heritage","tag-news","tag-privacy","tag-siegedsec"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/24939","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=24939"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/24939\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=24939"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=24939"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=24939"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}