Post Millennial Breach: What You Need to Know and How to Protect Yourself

  • By Farrukh Mushtaq

    Farrukh Mushtaq

    Author Image

    Farrukh Mushtaq, a digital marketer at PureSquare, possesses a keen interest in cybersecurity and enjoys writing about it. With several years of experience in the digital marketing industry, he brings expertise and passion to his work.

    See author profile
  • 20 August 2024
  • 13 mins read

Your personal information may be in the wrong hands. 

Millions of consumers' personal information was compromised in a recent data breach at The Post Millennial. 

We’ll explore the consequences of this breach, how it occurred, and the steps you may take to reduce the risks in this post.

What Happened in the Post Millennial Breach?

Threat actors attacked The Post Millennial, a Canadian news source, on May 2, 2024. 

Three databases, purportedly containing all of the news outlet's email lists, subscriber information, and private information on its authors and editors, were released along with a fake statement supposed to be from Andy Ngo, the editor of the publication.

Since the incident, this information has been shared widely and was posted on BreachForums.

In the course of the attacks, the threat actors publish links to the stolen material shared on the defaced pages, claiming to have taken the company's email lists, subscriber database, and information about its writers and editors.

Troy Hunt provided the information to the Have I Been Pwned data breach notice service yesterday. He stated that there is no proof that the data was taken directly from The Post Millennial or Human Events.

Hunt decided to add the compromised data to HIBP to notify anyone who might be at risk, given that it pertains to a sizable user base. 

According to HIBP:

"The mailing lists appear to be sourced from various campaigns not necessarily run by The Post Millennial and contain a variety of different personal attributes including name, phone and physical address (depending on the campaign)."

What Was the Impact on Post Millennial Customers?

A recent attack that targeted The Post Millennial has exposed information of over 26 million people, according to the Have I Been Pwned data breach reporting service. 

The data breach led to sensitive data being stolen and the front pages of both websites being vandalized. It also affected the associated online news portal Human Events.

This Cyberattack Alone Hacked Millions of Post Millennial Users’ Information

The Post Millennial writers' and editors' names, usernames, addresses, IP addresses, emails, phone numbers, and account information are all included in the 761 records that make up the writers and editors database.

Some entries seem to be filled with a certain amount of bogus or placeholder data, but other data looks accurate and connected with news outlet contributors. For instance, "Zimbabwe" is listed as the user's nation in 540 out of 761 records.

Along with party affiliation, gender, donation amounts, work titles, social media handles, and even what appear to be contact center employees' sales notes, the data also includes information about individuals' political opinions.

What are the Potential Privacy Risks from Exposed Data?

A large amount of private information was made public by The Post Millennial data breach, posing many privacy dangers to those who were impacted.

The privacy risks include:

Identity TheftCybercriminals can use names, email addresses, and possibly other personal information to impersonate people and steal personal identities.
Financial LossPeople may incur false charges if their payment information is hacked.
Account TakeoversWhen hackers get access to another person's online account, they can take control of that account by using stolen email addresses and passwords.
Phishing AttacksBy using exposed email addresses, con artists can use phishing scams to target people and steal their money or personal information.
Targeted AdvertisingThe leaked data can be used to create detailed profiles of individuals, which can be exploited for targeted advertising or other forms of manipulation.
Harassment and DoxxingPublicly available personal data, including email addresses and physical addresses, can be used to harass or dox journalists.

How to Take Immediate Action in Case of a Data Breach

Because post-millennial websites usually collect sensitive data from their subscribers, there are particular issues associated with a data breach on these types of websites. 

These platforms frequently contain a wealth of personally identifiable information, all of which can be extremely valuable to hackers. So you should consider taking these prompt safety measures in the course of a data leak:

  • People whose information was exposed in this database should be alert for efforts to take over accounts that have the same email address and password.
  • Separate the impacted system by cutting off the network segment or the infected server's internet connection.
  • Put emergency safety precautions in place by disabling useless services and banning suspicious IP addresses for a while.
  • Make all consumers reset their passwords right away. Think about enforcing strong password requirements.
  • Keep an attentive eye out for suspicious activity on user accounts in case financial data is compromised.
  • Enforcing 2FA can give account holders an additional degree of protection.
  • To stop unwanted access, temporarily freeze your affected accounts.
  • Turn off services like file sharing and email that could have been abused for a short while.
  • Examine the dark web for compromised credentials and exposed data.

Use Dark Web Monitoring to Get Alerts About Information Leaks

Your personal information is a target for hackers and scammers, that will ruin your online identity and finances.

Imagine losing your hard-earned money, your reputation, and your peace of mind to a cybercriminal.

With PurePrivacy, you can scan the Dark Web 24/7 and receive alert notifications whenever someone posts your private information (name, address, credit card details, credentials, SSN). At only $5.83/month, you'll get instant dark web alerts and the power to stop data breaches dead in their tracks.

Get Pureprivacy Now Read more about Pureprivacy Dark Web Monitoring alert

PurePrivacy is a complete solution to protect your online identity as we understand the growing worries over internet privacy. With PurePrivacy at your fingertips, you can:

  • Use Dark Web monitoring to run scans for your private information and take action in case of a data breach 
  • Get the Tracker Blocker to get rid of websites and platforms that are harvesting your personal data 
  • Use the Remove My Data option to reduce online footprints from publicly available platforms 
  • Enable the Social Privacy Manager to enhance social media privacy settings on Facebook, Instagram, Spotify, LinkedIn

Monitor the Dark Web for Your Private Details 

You can scan the dark web for any data leaks and get notified right away with this efficient monitoring system if your personal information is exposed.

View Data Broker Scan to See Your Privacy Level 

You can find out what hidden profiles data brokers have made on you with the help of the Data Broker Scan. You can identify these online records using PurePrivacy and take action.

Auto-Delete or Hide Posts from Prying Eyes 

You can take control of your online profile by automatically deleting or hiding social media posts. Keep inappropriate or out-of-date content out of the wrong hands.

Prevent Unnecessary, Online Trackers from Data Collection 

You can protect yourself from tracking that isn't necessary by disabling invasive cookies and website domains from harvesting your data.

Frequently Asked Questions (FAQs)

  • What was the post millennial data breach about?

    Plus

    Earlier last month, three databases connected to the news outlet The Post Millennial revealed over 87 million user’s information, including over 57 million unique email addresses and over 39,000 passwords.

  • Who is in charge of the post-millennial ownership?

    Plus

    The Post Millennial is an online far-right Canadian publication that is available in English. Established in 2017, it distributes both local and national news along with a substantial volume of opinion pieces. Since 2022, it has been owned by Human Events Media Group, the parent organization of the right-wing American website Human Events.

  • How can I tell if someone has stolen my data?

    Plus

    If the service you use has notifications, turn them on and keep an eye out for any unusual login attempts. Watch out for emails and texts purporting to be password retrieval scams, and only update your account information by visiting the official website.

  • In what ways do hackers expose data?

    Plus

    Malicious actors gain access to your network if they know your login and password combination. Because most people repeat their passwords, hackers can access email, websites, bank accounts, and other forms of personally identifiable information (PII) or financial information by using hacking attacks.

  • Simplify your online presence today

    With PurePrivacy, make sure all your personal data remains safe without a hassle!

In Summary!

Millions of users' private information was compromised in the Post Millennial data breach, underscoring the critical necessity for strong cybersecurity protections for user data. 

This incident highlights the need to give online safety a top priority and highlights the potential consequences of careless data handling practices.