SmallBiz Secure Dashboard

Breach Alerts

View all

No new breach alerts

All clear! No compromised credentials found.

Vulnerabilities

View report

Website Security Grade

alicesart.com - Last scanned: Mar 30

1 high severity issue

1 medium severity issue

ALERT: Breach Detected – Action Required!

Data Breach Detected – April 25, 2025

Incident ID: INC-2025-04-25-001

We detected that 2 user accounts associated with your business have been compromised in a likely data breach.

Compromised Accounts

Email	Password Status	Source
alice@alicesart.com	Hashed: $2a$...	"Collection #X" leak on dark web
sales@alicesart.com	Plaintext: "sunshine123"	Posted by Hacker007 on BreachForum

We are 99% confident this data pertains to your business because the email domains match and context suggests an e-commerce breach.

Incident Response Steps

Reset Passwords

Change passwords for the affected accounts immediately. Ensure new passwords are strong and unique.

Investigate Source

These credentials may have been stolen from your website's customer database. Check if any unusual access or if your web store plugin is up to date.

Notify Affected Individuals

Inform your staff (Alice, Sales team) about this incident and ensure they do not reuse that password elsewhere.

Future Prevention

Enable two-factor authentication for all your company email accounts to mitigate damage from password leaks.

Need Help?

Our security experts are available to assist you with this incident.

Employee Training

View all

2/5

Training Completed

2 of your 5 employees have completed the required training.

Next Recommended Module:

Phishing Awareness - Learn how to identify and avoid phishing attempts.

Recommendations

Enable Two-Factor Authentication

Add an extra layer of security to your dashboard login.

Schedule Security Review

No incidents in 60 days – consider scheduling a brief security review meeting with your staff.

Set Up Email Alerts

Receive immediate notifications when potential threats are detected.

Website Scan Details

Grade: C

High: Admin Page Exposure

Your site's admin page is publicly accessible at /wp-admin with a default admin username.

Medium: Outdated Server Version

Your server is disclosing its software version (Apache 2.4.1) which is outdated.

Medium: Missing SPF Record

No SPF record found for your domain – could allow email spoofing.

Community Comparison

Join other Tampa Bay businesses in securing your operations.

You've completed 3 modules, the local average is 2. Great job!