More Than 1 Billion Passwords on the Dark Web Including 123456 [source: itsecuritycentral]

by CIRT Team

A dump of 1.4 billion passwords – clear text passwords available in an aggregated, interactive database – was recently discovered online by 4iQ. While it might sound like more of the same, a couple factors make this news both particularly concerning and sadly predictable.

Details of the Data

Here are a few details about what 4iQ discovered:

• The 41GB dump was found on December 5, 2017 in an underground community forum.
• The data is from several incidents and sources, including dumps from Netflix, Last.FM, LinkedIn, MySpace, and popular games like Minecraft and Runescape.
• While some data was previously available online, 14% of exposed username/passwords pairs had not previously been decrypted by the community and are now available in clear text.

Easy-to-Use Data

Particularly concerning is how easy this data is to use for any would-be hacker. 4iQ reports that the interactive database allows for fast (one-second response) searches and new breach imports. Given the fact that people reuse passwords, hackers can automate account hijacking or account takeover.

The increase in cybercrime-as-a-service – with kits and technical support available via online marketplaces – means that it doesn’t take a tech genius to do damage using hacked data.

For more, click here.

CIRT Team

Recommended Posts

Training on cybersecurity awareness for Department of Women Affairs

25 Nov 2023 - Articles, English articles, News, News Clipping, Service

BGD e-GOV CIRT এর আয়োজনে আয়োজনে আর্থিক প্রতিষ্ঠান ও CII সমূহের সাইবার ড্রিল ২০২৩ চূড়ান্ত পর্ব অনুষ্ঠিত

22 Oct 2023 - Articles, Bangla Articles, CIRT In Media, News, News Clipping

WhatsApp down for millions of users globally: App not working for group and individual chats; Twitter gets flooded with memes

25 Oct 2022 - News, News Clipping