By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
10alert.com10alert.com10alert.com
  • Threats
    • WordPress ThreatsDanger
    Threats
    A cyber or cybersecurity threat is a malicious act that seeks to damage data, steal data, or disrupt digital life in general. Cyber threats include…
    Show More
    Top News
    WordPress plugins and themes used to inject backdoors – Hacker
    WordPress plugins and themes used to inject backdoors
    7 months ago
    Wordfence Intelligence Weekly WordPress Vulnerability Report (May 1, 2023 to May 7, 2023)
    Wordfence Intelligence Weekly WordPress Vulnerability Report (May 1, 2023 to May 7, 2023)
    5 months ago
    Site Wide Reflected XSS in Freemius WordPress SDK
    Site Wide Reflected XSS in Freemius WordPress SDK
    2 months ago
    Latest News
    Two privilege escalation vulnerability in Simple Membership Plugin
    11 hours ago
    Wordfence Intelligence Weekly WordPress Vulnerability Report (September 11, 2023 to September 17, 2023)
    7 days ago
    Exploring Winrar Vulnerability (CVE-2023-38831) | McAfee Blog
    1 week ago
    Two PHP Object Injection Vulnerabilities Fixed in Essential Blocks
    1 week ago
  • Fix
    Fix
    Troubleshooting guide you need when errors, bugs or technical glitches might ruin your digital experience.
    Show More
    Top News
    The creator of malware has infected her own computer
    12 months ago
    Windows 11 build 25163 out with new Taskbar Overflow feature
    12 months ago
    How to fix Microsoft Store not working on Windows 11
    12 months ago
    Latest News
    How automatically delete unused files from my Downloads folder?
    7 months ago
    Now you can speed up any video in your browser
    7 months ago
    How to restore access to a file after EFS or view it on another computer?
    8 months ago
    18 Proven Tips to Speed Up Your WordPress Site and Improve SEO | 2023 Guide
    8 months ago
  • How To
    How ToShow More
    How to get the latest Windows 11 innovations
    14 hours ago
    Dynamic Lighting is now available on Windows 11
    14 hours ago
    Writing poems using LLama 2 on Workers AI
    Writing poems using LLama 2 on Workers AI
    14 hours ago
    serverless GPU-powered inference on Cloudflare’s global network
    serverless GPU-powered inference on Cloudflare’s global network
    14 hours ago
    You can now use WebGPU in Cloudflare Workers
    You can now use WebGPU in Cloudflare Workers
    14 hours ago
  • News
    News
    This category of resources includes the latest technology news and updates, covering a wide range of topics and innovations in the tech industry. From new…
    Show More
    Top News
    Offline browser
    11 months ago
    How to change laptop behavior when closing the lid?
    11 months ago
    How to play PC games from Android phone?
    11 months ago
    Latest News
    How to install September 2023 update with 23H2 features for Windows 11
    19 hours ago
    How to uninstall September update (KB5030310) from Windows 11
    19 hours ago
    How to remove the quiet mode icon in the corner of the iPhone 15 screen ProiPhone 15 Pro and iPhone
    2 days ago
    Sberbank has figured out how to effectively catch scammers – it will listen to everything you
    2 days ago
  • Glossary
  • My Bookmarks
Reading: i-Dressup active breach
Share
Notification Show More
Aa
Aa
10alert.com10alert.com
  • Threats
  • Fix
  • How To
  • News
  • Glossary
  • My Bookmarks
  • Threats
    • WordPress ThreatsDanger
  • Fix
  • How To
  • News
  • Glossary
  • My Bookmarks
Follow US
Wordpress Threats

i-Dressup active breach

Vitus White
Last updated: 13 October
Vitus White 12 months ago
Share
5 Min Read

Being a parent is tough in the digital age. The bullies and predators you have to worry about have expanded beyond physical threats to ones that lurk around every corner of the World Wide Web.

idressup-passwords-leak-featureed

Being online lets kids connect with people around the world and make more friends, faster, than imaginable for someone who grew up without the Internet, like yours truly. Communities have popped up online for kids with interests varying from Hello Kitty to League of Legends to crafting and fashion — not to mention the traditional social networks. One such network that has millions of users is i-Dressup.

From the site’s FAQ: I-Dressup is a flash dress up games site and an online community that encourages members to explore their creativity and fashion sense with unique personal profiles. From the moment you join iZone, our online community, there are tons of ways to create, communicate, participate and have fun! For members under 13, parental consent is required to access certain features of iZone.

Unfortunately for the millions of users of this site (and their parents), their data has been compromised. To make things worse, according to Ars Technica, the site owners did not respond to contact attempts from Ars and Have I Been Pwned? noting that there was a data leak on the site days ago.

Thus far it is estimated that more than 2 million passwords have been stolen using the SQL-injection vulnerability. To make matters worse, the passwords were stored in plain text, not encrypted. The Ars post notes that the vulnerability is still active and could affect the accounts of up to 5.5 million teenage girls.

What does this mean?

In any data breach, personal information may be sold to the highest bidder or simply dumped online for everyone to see. In the case of minors, the risk of identity theft going undetected is greater because most teens won’t yet have started monitoring their credit reports — and won’t until they begin applying for credit cards and jobs.

So, similar to the Hello Kitty breach from the 2015 holidays, this could mean potentially more than 5 million kids falling victim to a crime.

What should you do?

For starters, you should work with your children to delete their i-Dressup account (we would suggest changing the password, but that won’t help; seems that the vulnerabilities are still in place) and to check the security settings of the e-mail account associated with their i-Dressup account.

You should also let your kids know that they should not reuse passwords. If they reused MyLittlePony on their Facebook, Snapchat, and other accounts, they need to change all of those passwords as well. The important thing to stress is that with one set of passwords out there, someone could take over their other accounts as well.

You should also make your kids aware of the e-mail scams that may follow this breach: scammers trying to impersonate site representatives to try to get them to click malicious links or even shake them down for money.

As a parent, you should also make sure that you have a strong security solution covering your family’s devices (phones, computers, tablets, etc.). If you want to make sure your kids don’t go to sites that they should not, you can also consider looking at tools that offer parental controls. One solution we would suggest here is Kaspersky Total Security, whose robust features help you to protect devices as well as monitor your kids’ activities both online and off (you can tailor settings to your children’s age and family rules). Click here to download a free 1-month trial.


Source: kaspersky.com

Translate this article

TAGGED: Facebook, SASE, Security, SQL injection, Threat, Threats, Vulnerabilities
Vitus White October 13, 2022 October 7, 2022
Share This Article
Facebook Twitter Reddit Telegram Email Copy Link Print

STAY CONECTED

24.8k Followers Like
253.9k Followers Follow
33.7k Subscribers Subscribe
124.8k Members Follow

LAST 10 ALERT

Two privilege escalation vulnerability in Simple Membership Plugin
Two privilege escalation vulnerability in Simple Membership Plugin
Wordpress Threats 14 hours ago
How to get the latest Windows 11 innovations
Windows 14 hours ago
Dynamic Lighting is now available on Windows 11
Windows 14 hours ago
Writing poems using LLama 2 on Workers AI
Writing poems using LLama 2 on Workers AI
Apps 14 hours ago
serverless GPU-powered inference on Cloudflare’s global network
serverless GPU-powered inference on Cloudflare’s global network
Apps 14 hours ago

You Might Also Like

Two privilege escalation vulnerability in Simple Membership Plugin
Wordpress Threats

Two privilege escalation vulnerability in Simple Membership Plugin

14 hours ago
Windows

How to get the latest Windows 11 innovations

14 hours ago
Writing poems using LLama 2 on Workers AI
Apps

Writing poems using LLama 2 on Workers AI

14 hours ago
You can now use WebGPU in Cloudflare Workers
Apps

You can now use WebGPU in Cloudflare Workers

14 hours ago
Show More

Related stories

How to upgrade to Windows 11 23H2 with Installation Assistant
Critical Vulnerability in Forminator Plugin
How to blur image background in Photos for Windows 11
How to download official Windows 11 23H2 ISO file
PHP Object Injection Vulnerability in Flatsome Theme
How to download Windows 11 22H2 ISO after 23H2 releases
Previous Next

10 New Stories

You can now use WebGPU in Cloudflare Workers
How to install September 2023 update with 23H2 features for Windows 11
How to uninstall September update (KB5030310) from Windows 11
Traffic anomalies and notifications with Cloudflare Radar
Sippy helps you avoid egress fees while incrementally migrating data from S3 to R2
the modern way to connect and protect your clouds, networks, applications and users
Previous Next
Hot News
Two privilege escalation vulnerability in Simple Membership Plugin
How to get the latest Windows 11 innovations
Dynamic Lighting is now available on Windows 11
Writing poems using LLama 2 on Workers AI
serverless GPU-powered inference on Cloudflare’s global network
10alert.com10alert.com
Follow US
© 10 Alert Network. All Rights Reserved.
  • Privacy Policy
  • Contact
  • Customize Interests
  • My Bookmarks
  • Glossary
Go to mobile version
adbanner
AdBlock Detected
Our site is an advertising supported site. Please whitelist to support our site.
Okay, I'll Whitelist
Welcome Back!

Sign in to your account

Lost your password?