More Than 1 Billion Passwords on the Dark Web Including 123456 [source: itsecuritycentral]

A dump of 1.4 billion passwords – clear text passwords available in an aggregated, interactive database – was recently discovered online by 4iQ. While it might sound like more of the same, a couple factors make this news both particularly concerning and sadly predictable.

Details of the Data

Here are a few details about what 4iQ discovered:

The 41GB dump was found on December 5, 2017 in an underground community forum.
The data is from several incidents and sources, including dumps from Netflix, Last.FM, LinkedIn, MySpace, and popular games like Minecraft and Runescape.
While some data was previously available online, 14% of exposed username/passwords pairs had not previously been decrypted by the community and are now available in clear text.

Easy-to-Use Data

Particularly concerning is how easy this data is to use for any would-be hacker. 4iQ reports that the interactive database allows for fast (one-second response) searches and new breach imports. Given the fact that people reuse passwords, hackers can automate account hijacking or account takeover.

The increase in cybercrime-as-a-service – with kits and technical support available via online marketplaces – means that it doesn’t take a tech genius to do damage using hacked data.

For more, click here.