KrebsOnSecurity celebrates its 14th anniversary today! I promised myself that this post wouldn’t be another cybersecurity year in review. I also don’t want to talk about the cyber terror that may occur in 2024. But I do want to thank all of you for your continued readers, encouragement, and support, without you I wouldn’t be able to do what I do.
As of this birthday, I have officially been an independent investigative reporter longer than I was a reporter for The Washington Post (1995-2009). Of course, that’s not the case if you count the years I spent as a paperboy delivering The Washington Post to dozens of homes in Springfield, Virginia (as a young teen, I inherited A larger newspaper route inherited from my older siblings).
True story: When I was hired as a low-level copy assistant at The Washington Post, all new hires—from the mailroom to janitors to executives—were invited to join publisher Don Graham in the executive suite Attend a formal dinner. On the night of the new hires dinner, I felt underdressed, under-showered, and out of place. After wolfing down some food, I tried to sneak into the elevator with another photocopy assistant, but was pulled aside by the man who hired me. “Hey Brian, not so fast! Come meet Don!”
I was 23 and I didn’t know what to say except to tell him the story about the paper route and that I’d been working for him for half my life. Mr. Graham laughed and told me that was the best thing he had heard all day. It certainly made my week better and made me feel more comfortable in my suit.
I remain grateful to WaPo for instilling many skills in me, such as how to distill technical terms into simple English for a general audience. and how to make people the focus of high-tech stories. Because whether one fully grasps the technical details or not, the people and their eternal struggles are looming.
When I try to describe how grateful I am that the whole independent journalist thing is still valid, financially and otherwise, I’m at a loss for words. I mostly just dig into stuff and share my findings, and somehow a lot of people keep coming back to this site. As I like to say, I hope they let me keep doing this because I’m certainly not qualified to do anything more!
Another milestone: We now have more than 52,000 subscribers to our email newsletter, which is a fancy term for a text-only email that’s sent out as soon as a new story is posted here. Subscription is free, we never share anyone’s email address, and we don’t send emails other than notifications of new stories (2-3 times a week).
As a friendly reminder, while you may see ads at the top of this site (or spaces where ads should be), all of the two dozen or so ad creatives we run are reviewed by me and provided in-house. The website also does not host any third-party content. If you frequently browse the web with your ad blocker turned on, consider adding an exception for KrebsOnSecurity.com. Our advertising partners are how we keep this place alive.
If you missed any of them, here are some of the most-read stories published by KrebsOnSecurity in 2023. Happy 2024 to everyone!
Ten years later, new clues to target breakthrough
Anyone can easily become you at Experian
Experts worry scammers are cracking keys stolen in LastPass breach
Why is .US used by so many Americans for phishing?
Few Fortune 100 companies list security experts among their executive ranks
Who is behind the web snail mail scam?
Phishing domain under siege after Meta sues Freenom
Many public Salesforce sites are leaking private data
Hackers claim they breached T-Mobile more than 100 times in 2022
Identity thieves bypass Experian security to view credit reports