Presently sponsored by: NTT’s Samurai XDR offers affordable enterprise-grade security for businesses of any size. $40 /endpoint/year. Try it free for 30 days!

I'm in Spain! Alicante, to be specific, where we've spent the last few days doing family wedding things, and I reckon we scrubbed up pretty well:

Getting fancy in Spain 😍 pic.twitter.com/iDFmBORnHa

— Troy Hunt (@troyhunt) September 9, 2023

Next stop is Amsterdam and by the end of today, we'll be sipping cold beer canal side in the 31C heat 😎 Meanwhile, this week's video focuses mostly on the Dymocks breach and the noteworthiness of what appears to be excessive data retention. After recording this video, someone also pointed out that the data is already being abused in a pretty traceable fashion:

@troyhunt not sure if this is particularly useful but I just received this scam attempt. I use iCloud's Hide My Email service and the address this email was sent to was the same address iCloud generated for use with my Dymocks account. pic.twitter.com/GiFZ7EIDo2

— matt (@matt_0833) September 9, 2023

That's all for this week, a little shorter as I was rushing for the wedding, I'll come to you next week from our second home, Oslo 🇳🇴

References

1. Sponsored by: Fastmail. Check out Masked Email, built with 1Password. One click gets you a unique email address for every online signup. Try it now!
2. Dymocks Australia found themselves breached (I suspect the significant number of retained inactive records will cause them some grief)
3. No, data breaches don't typically just sit on the "dark web", they circulate broadly on easily accessible forums (that's true of the vast bulk of data in HIBP!)