Data Breaches

Data of 2.4M Blur Password Manager Users Exposed


Abine which is the company behind the Blur password manager has revealed that they have been affected by a data breach that potentially exposed the data of around 2.4 million users.

The breach was discovered last year December 13th, when the company was contacted by a security researcher regarding a server that exposed a file that contains information of the Blur users prior to Jan. 6, 2018. Abine conducted internal audit and after determining the size of the breach, the data leak was made public last Monday.

The file was available free accessible online and the information includes email addresses, first and last name of the users, password hints from their old MaskMe product, last and second to last IP address of the people that logged in to Blur, and encrypted password information.

Abine encrypts passwords using bcrypt with a unique salt for every user, and this was the one that was exposed in the file and not the actual passwords.

Password hints can be used to access the accounts on other platforms, which are being used in conjunction with the email addresses revealed. All the Blur users are highly recommended to change their passwords and in case same passwords are used in multiple accounts, change that too.

Users must make use of the two-factor authentication for their account as they provide an extra layer of security.

The company however confirmed that the usernames and passwords stored by the users in their Blur account are not exposed. This also includes auto-fill credit card details, Masked Emails, Masked Phone numbers, and Masked Credit Card numbers.

Password managers are always a best choice when it comes to maintain multiple secure passwords as today most of the people have multiple online accounts.

Priyanka R
Cyber Security Enthusiast, Security Blogger, Technical Editor, Author at Cyber Safe News

    Huawei to spend $2 billion over five years in cybersecurity push

    Previous article

    Vulnerabilities detected in hardware cryptocurrency wallets

    Next article

    You may also like


    Leave a reply

    Your email address will not be published. Required fields are marked *