Cybersecurity, Photography and the 500px Breach

Photography has been a hobby for decades. People take pictures on vacation, of their friends, pets, and virtually everything else. For special events, e.g. a wedding, graduation, or other event, they may hire a professional to not only take, but also print the pictures with quality paper.

Target

In this instance, the Target was 500px. This is a photography website used, among other services, to store portfolios. The breach occurred at approximately Jul 5, 2018. This directly affected 14,870,304 of the service’s user accounts, or nearly all the accounts. Put another way, if the user had an account on or before July 5, 2018, they were impacted.

Attack

The organization was the victim of a successful attack, breach, and compromise. The data exfiltrated included names, user names, email addresses, birth date if the user provided it, city, state, country, and gender. This data is easily sold or otherwise used maliciously. This could be easily sold, used by the attackers, or simply used for credential stuffing attacks.

???

The timing seems unique for the breach and detection. The detection appears to have taken nearly 7.3 months to notice. This seems a bit long for any timeline. Seemingly any SIEM would have detected not only the unauthorized IP, but also the mass amount of data being floated from the organization. Nearly 15M users involves a mass amount of data. Also, the organization did not indicate how the attack happened. By now, the hole or vulnerability would have been fixed at this point. The publication would not have hurt the organization. Management could have disclosed something about, even at a high level, the successful attack.

Remediation

There was a password reset for the 14.8M affected users. To correct this required a mass amount of time, which was compounded by calls from the users questioning what happened.

Resources

Digital Trends. (2019, February). 500px reveals almost 15 million users are caught up in security breach. Retrieved from https://www.digitaltrends.com/computing/500px-almost-15-million-users-caught-up-in-security-breach/

Dunn, J.E. (2019, February 15). Photography site 500px resets 14.8 million passwords after data breach. Retrieved from https://nakedsecurity.sophos.com/2019/02/15/photography-site-600px-resets-14-8-million-passwords-after-data-breach/

Page, C. (2019, February 13). 500px confirms 2018 data breach that exposed data on 15 million users. Retrieved from https://www.theinquirer.net/inquirer/news/3070980/500px-data-breach

About the Author - Charles Parker, II has been working in the info sec field for over a decade, performing pen tests, vulnerability assessments, consulting with small- to medium-sized businesses to mitigate and remediate their issues, and preparing IT and info sec policies and procedures. Mr. Parker’s background includes work in the banking, medical, automotive, and staffing industries.

Check back soon

Once posts are published, you’ll see them here.

Cybersecurity and Linux SSH Servers

Cybersecurity and the Auto Industry

Cybersecurity and the Energy Sector

Cybersecurity and Costs

Cybersecurity and Electronic Health Records

Cybersecurity and IoMT

Cybersecurity and Obscurity

Cybersecurity and New Devices and Old Problems

Cybersecurity and the Diversity of Data

Cybersecurity and Compromises

No tags yet.

Cybersecurity, Photography and the 500px Breach

Featured Posts

Recent Posts

Archive

Search By Tags

Follow Us