Company Notification – Important: CyberVor Data Breach

What you should know:

On August 5th, it was reported by Hold Security that a Russian hacker group they call CyberVor has amassed over 1.2 billion unique sets of login credentials in the form of email address/username and password combos. These credentials were harvested from 400,000+ websites that were identified as vulnerable to SQL injection attacks and were subsequently compromised. This appears to be the largest breach of user credentials to date and represents a threat worse than Heartbleed. Given the scale of the breach it’s not unlikely that a site you or your users have visited was compromised. Note that this breach affected large and small websites alike; CyberVor attacked any site they could find that was vulnerable to a SQL injection attack. A complete list of compromised sites is not currently available, nor is the list of email addresses CyberVor collected.

For more information about the breach you can read:

Hold Security’s original posting here:

And the New York Times report here:

What to do:

Envision Consulting recommends that all users change their passwords for any websites that are important to them; this includes financial sites, e-commerce sites with stored payment information, web-based email sites and any other site of personal or commercial importance. Note: It is very important to avoid reusing the same password across multiple sites, especially on financial or email accounts. Wherever available Envision also recommends enabling 2-factor authentication as an extra security measure.

If you have any further question or concerns please contact and we will be happy to assist.

Thank you,

Envision Consulting

Envision Consulting

Envision Consulting

We started Envision Consulting for businesses that share our passion for building long- term and healthy relationships. While we might be technology experts, we’ve always known that trust, reliability and looking after a client’s best interest are paramount to succeeding in business. But in 2001 and to this day, there were few managed IT providers available that embodied our customer-centric values. There were countless support companies more interested in reacting to issues than paving the road forward for clients, making it far too difficult to build long-term relationships. We felt a strong pull to make something different, and we did.