The book promotion site NetGalley suffered a data breach that allowed hackers to access a database of members' personal information.
NetGalley is a site that allows authors and publishers to promote copies of their digital book reviews (galleys) to book sponsors, influential readers and professionals of the industry in the hope that they will recommend their books to the public.
On Monday, December 21, the NetGalley website was hacked and defaced. Upon further investigation, it was determined that the threatening agents also had access in a backup copy database of the site containing member data.
"It is with great sadness that we announce that on Monday, December 21, 2020, NetGalley was the victim of a data security incident. What at first seemed like a simple deface of her home page us, with further investigation, resulted in unauthorized and illegal access in a backup file of the NetGalley database, ”NetGalley said in a data breach advisory.
This backup database contained the personal details of NetGalley members, including the login name, Password, of the name and of e-mail. Other optional information that could be found at database include birthday, company name and Kindle email.
NetGalley states that there was no financial information stored in the database. In response to the breach, NetGalley requires all users to reset their password the next time connection.
What should NetGalley users do?
If you are a NetGalley member, you must log in to the site immediately and change your password.
If you use the same NetGalley password on other sites, you will need to change the password on those sites to one Unique and powerful for this site.
Using unique passwords on each site you have an account with is very important so that you are not affected when a data breach occurs in a website.
It is recommended to use one password manager to help you save the passwords of each site.
Source of information: bleepingcomputer.com