Actualidad Empresarial

We're consistently seeing older breaches resurface in new contexts, often leveraged in credential stuffing attacks or used to enrich existing datasets for targeted phishing campaigns. This particular incident caught our attention not because of its size, but due to the sensitive nature of the affected user base and the fact that passwords were stored in plain text – a security lapse that should be relegated to history. The re-emergence of this data underscores the long tail of risk associated with legacy breaches and highlights the continued importance of monitoring for exposed credentials, regardless of the initial breach date.

Actualidad Empresarial: The Peruvian Business Magazine Breach That Keeps on Giving

In August of 2018, Actualidad Empresarial, a Peruvian business magazine, experienced a data breach. While the initial reports mentioned approximately 46,000 records, our analysis focuses on the confirmed exposure of 30,397 unique email addresses paired with plaintext passwords. The data had been circulating quietly in smaller circles, but we observed a recent spike in its availability on several prominent hacking forums, suggesting a renewed interest in leveraging this older breach.

The breach was discovered after a member of a well-known hacking forum posted a sample of the data, claiming it was a "fresh" find. Closer inspection revealed the data originated from the 2018 breach of Actualidad Empresarial. What made this re-emergence noteworthy was the clear, unencrypted nature of the passwords, making them immediately usable for account takeover attempts. This is especially concerning given the potential for these accounts to be reused across different platforms.

This breach matters to enterprises now because it serves as a potent reminder that older breaches don't simply disappear. The exposed credentials can be, and often are, compiled into massive combolists used in automated attacks. The plaintext nature of the passwords significantly lowers the barrier to entry for attackers, increasing the likelihood of successful account compromises. This incident also underscores the critical need for robust password management practices, including the use of password managers and unique, complex passwords for each online account.

Key point: Total records exposed: 30,397

Key point: Types of data included: Email Address, Plaintext Password

Key point: Sensitive content types: Potentially business-related communication depending on email content

Key point: Source structure: Likely a database export, possibly a SQL dump based on similar incidents.

Key point: Leak location(s): Initially shared on a popular hacking forum, now appearing on multiple platforms including Telegram channels known for distributing combolists.

Key point: Date of first appearance: August 26, 2018, with renewed activity observed recently.

External Context & Supporting Evidence

While specific news coverage of the 2018 Actualidad Empresarial breach is limited, the incident aligns with a broader pattern of older breaches resurfacing in new contexts. Security blogs and forums frequently discuss the ongoing threat posed by combolists derived from past breaches. For example, HaveIBeenPwned includes Actualidad Empresarial in their database of breached sites. The prevalence of tools designed to automate credential stuffing attacks, often discussed on platforms like Reddit's r/cybersecurity, further amplifies the risk associated with exposed credentials, regardless of their age.

Email · Address · Plaintext · Password