The Heritage Foundation reports data breach exposing over 500k people

The Heritage Foundation, a conservative think tank, has confirmed a significant data breach involving an archive of The Daily Signal from 2022. Initially resistant to acknowledging the breach, the foundation eventually confirmed that hackers, identified as SiegedSec, accessed a repository containing personal information of contributors.

Over 500,000 identities and passwords were compromised, as reported by Malwarebytes. The compromised data includes:

• Phone numbers
• IP addresses
• Email addresses
• Usernames
• Passwords
• Full names
• Other personal information

No details about the nature of the attack are disclosed.

Affected individuals should reset their passwords used on the Heritage Foundation sites, and reset it everywhere else they used the same password. They should also enable two-factor authentication (2FA) and be very careful with emails from the foundation that may be phishing.

• Verify the identity of individuals contacting you about the breach.
• Be cautious of phishing attempts disguised as urgent communications.
• Avoid storing credit card details on websites.
• Utilize services that alert you if your personal data is found online.

It's not clear whether Heritage Foundation will notify the affected individuals.