A malicious website initially set up to extort Attack.Ransom visitors to pay a cryptocurrency ransom Attack.Ransom has changed its course . Instead of demanding payment Attack.Ransom via Bitcoin , Ethereum , Bitcoin Cash or Litecoin in exchange for not leaking your password on the internet , the site now hijacks your computer ’ s processing power to mine cryptocurrency in the background . Designed as a copy of the Have I Been Pwned attack , the site began by asking users to enter their emails to see if their password has been compromised Attack.Databreach . Unfortunately , if your password was breached Attack.Databreach , the site demanded Attack.Ransom a “ donation ” of $ 10 by cryptocurrency to not publish your password in plain text on the web . Up to 1.4 billion passwords may have been breached Attack.Databreach , but it ’ s unclear how accurate that figure is . However , because it may be easier — and safer — to change your password than pay the ransom Attack.Ransom , as The Next Web noted , the site shifted its focus from demanding ransomware payments Attack.Ransom to taking over your PC ’ s processing power to mine for cryptocurrency in the background . The publication also confirmed that the malicious site did “ have a database with legitimate passwords , ” but that not all compromised passwords were stored in plain text . The Next Web did not reveal the site ’ s address in its report , citing security reasons , but noted that it doesn ’ t appear that any user had made payment . This is the latest ransomware in recent months that demand Attack.Ransom cryptocurrency as a form of payment . Prior to this incident Attack.Ransom , Thanatos encrypted files on a user ’ s PC by hijacking it using a brute force method . If you want to regain access to those files , you had to send payment Attack.Ransom via cryptocurrency to get a key to decrypt your files . However , at the time , there didn ’ t appear to be a proper decryption key even if you paid . According to a recent Google report , extortionists made out with $ 25 million in just two years , and cryptocurrency was the preferred way to get paid Attack.Ransom . Hackers are also changing the game when it comes to data theft Attack.Databreach . Rather than leaking Attack.Databreach the information to the dark markets , an IBM X-Force Intelligence Index report revealed that hackers prefer to hold files hostage in exchange for a ransom payment Attack.Ransom .

Hard Rock Hotels & Casinos alongside Loews Hotels have warned customers that a security failure may have resulted in the theft of their information . Both incidents appear to have been linked to a third-party reservation platform , SynXis , which only begun informing client hotels of the security breach in June , months after the attacks took place . Hard Rock Hotels & Casinos issued a statement informing customers of the data breach Attack.Databreach last week , which took place due to the Sabre Hospitality Solutions SynXis third-party reservation system . The hotel chain , which operates 176 cafes , 24 hotels and 11 casinos in 75 countries , said SynXis , the backbone infrastructure for reservations made through hotels and travel agencies , provided the avenue for data theft Attack.Databreach and the exposure Attack.Databreach of customer information . `` The unauthorized party first obtained access Attack.Databreach to payment card and other reservation information on August 10 , 2016 , '' the hotel chain said. `` The last access Attack.Databreach to payment card information was on March 9 , 2017 . '' Hard Rock Hotel & Casino properties in Biloxi , Cancun , Chicago , Goa , Las Vegas , Palm Springs , Panama Megapolis , Punta Cana , Rivera Maya , San Diego and Vallarta are all affected . According to Sabre , an `` unauthorized party gained access Attack.Databreach to account credentials that permitted unauthorized access Attack.Databreach to payment card information , as well as certain reservation information '' for a `` subset '' of reservations . The attacker was able to grab Attack.Databreach unencrypted payment card information for hotel reservations , including cardholder names , card numbers , and expiration dates . In some cases , security codes were also exposed Attack.Databreach , alongside guest names , email addresses , phone numbers , and addresses . In May , Sabre said an investigation into a possible breach was underway . In a quarterly SEC filing , the company said , `` unauthorized access has been shut off , and there is no evidence of continued unauthorized activity at this time . '' While Sabre has not revealed exactly how the system was breached , the company has hired third-party cybersecurity firm Mandiant to investigate . Loews Hotels also appears to be a victim of the same security failure . According to NBC , Sabre was also at fault and cyberattackers were able to slurp Attack.Databreach credit card , security code , and password information through the booking portal . In some cases , email addresses , phone numbers , and street addresses were also allegedly exposed Attack.Databreach . According to Sabre , its software is used by roughly 36,000 hotel properties . `` Not all reservations that were viewed included the payment card security code , as a large percentage of bookings were made without a security code being provided , '' Sabre said in a statement . `` Others were processed using virtual card numbers in lieu of consumer credit cards . Sabre has notified law enforcement and the credit card brands as part of our investigation . '' If you stayed in one of these properties on the dates mentioned above , you may be at risk of identity theft should the attackers choose to sell their stolen cache of data . Sabre suggests signing up for a free credit report -- available to US consumers once a year for free -- and notify their bank of any stolen activity . However , no compensation has yet been made available . These hotel chains are far from the only ones that have suffered a data breach Attack.Databreach in recent years . Back in April , InterContinental admitted that a data breach Attack.Databreach first believed to be isolated to 12 properties actually harmed roughly 1,200 , resulting in the exposure Attack.Databreach of customer credit card data .

In a statement , Sanrio said they didn ’ t believe any data was stolen Attack.Databreach . Now , over a year later , the database has surfaced online . Its resurrection places 3.3 million Hello Kitty fans in the hot seat . On December 19 , 2015 , Salted Hash broke the news that a MongoDB installation for Sanrio , the company behind Hello Kitty , was exposed to the public . The database was discovered by security researcher Chris Vickery . Learn about top security certifications : Who they 're for , what they cost , and which you need . At the time , Sanrio speculated the exposure was due to maintenance conducted several weeks prior , on November 20 , 2015 . The database contained just over 3.3 million records from sanriotown.com , including 186,261 records assigned to people under the age of 18 . Three days after the story broke , on December 22 , 2015 , Sanrio said they investigated the problem and fixed it . “ In addition , new security measures have been applied on the server ( s ) ; and we are conducting an internal investigation and security review into this incident . To the Company ’ s current knowledge , no data was stolen or exposed Attack.Databreach , ” the statement concluded . Unfortunately , someone did copy Attack.Databreach the database before the configuration error was fixed . On Sunday , Salted Hash learned that the Sanrio database was added to the LeakedSource index . Examining the LeakedSource records and comparing the field names to the screenshots shared by Vickery in 2015 , the data is a match . For example , both sets of data use the “ _createdFrom ” field , as well as “ dateOfBirth ” , “ gender ” , “ firstName ” , “ lastName ” , etc . In both databases , the records contain the account holder ’ s first and last name , birthday ( encoded , but easily reversed ) , gender , country of origin , email addresses , user name , password ( unsalted SHA-1 hash ) , password hint question , and the corresponding answer . However , there is a field in the LeakedSource records that is new to this story , “ incomeRange ” with values running from 0 to 150 . It isn ’ t clear what these values represent , but not every record has them . As was the case previously , the fear is that the exposed database could cause problems for those registered , especially the children . It ’ s hard enough to deal with ID theft related issues as an adult . Such issues are only compounded for children , as the problems might not materialize for several years . This is true today as well , but there ’ s no telling who followed the advice . Also , there is no way to track who had access to this database , as it ’ s been circulating out of the public eye for a least a year before it was shared with LeakedSource . Salted Hash has reached out to Sanrio for comment . Anyone with concerns about the information exposed can checkout Consumer.gov for advice on recovering from identity theft . In it , they briefly recap the events from 2015 , including their previous alert . The statement goes on to dismiss the latest news , despite sample records matching the previously exposed database . `` Recently , reports have surfaced claiming that the 2015 data breach Attack.Databreach was not corrected . At this time , there is no evidence to support this claim . The original data breach Attack.Databreach from SanrioTown.com users in 2015 did not include credit card information or other payment information . Users ’ passwords are encrypted with the cryptographic hash function SHA-1 . `` SanrioTown and Sanrio Digital notified users about the incident , advising them to change their passwords . It should be noted that this current Sanrio database currently circulating online Attack.Databreach does n't have any financial data , and there have been no claims otherwise . Salted Hash has asked additional questions surrounding the sample data shared Attack.Databreach with Sanrio . After reviewing the sample data sets shared Attack.Databreach by Salted Hash , Sanrio has confirmed that the data indexed by LeakedSource `` looks real '' and likely originated from the exposed database in 2015 . However , the company stopped short of confirming that LeakedSource 's records and the records exposed two years ago are one in the same . “ Sanrio Digital recently received evidence that a 2015 data breach Attack.Databreach of the SanrioTown web site involved some user data theft Attack.Databreach , ” the company said in a statement . “ At the time , we had no evidence of data theft Attack.Databreach , however we have now learned from reporter Steve Ragan of CSO Online that personal information of SanrioTown.com users was stolen Attack.Databreach during the 2015 data breach Attack.Databreach . According to Mr. Ragan , a database containing information of 3,345,168 SanrioTown users has been circulating Attack.Databreach since the time of the incident . “ He received the sample records from LeakedSource containing information of 30 SanrioTown users . We have verified that these sample records appear to be real . We can not , however , relate the source of such sample records to the 2015 data breach Attack.Databreach and we are unable to verify whether the database of LeakedSource contains information of 3,345,168 SanrioTown users stolen Attack.Databreach during the 2015 SanrioTown data breach Attack.Databreach ”