More Than 1 Billion Passwords on the Dark Web Including 123456 [source: itsecuritycentral]
by CIRT Team
A dump of 1.4 billion passwords – clear text passwords available in an aggregated, interactive database – was recently discovered online by 4iQ. While it might sound like more of the same, a couple factors make this news both particularly concerning and sadly predictable.
Details of the Data
Here are a few details about what 4iQ discovered:
- The 41GB dump was found on December 5, 2017 in an underground community forum.
- The data is from several incidents and sources, including dumps from Netflix, Last.FM, LinkedIn, MySpace, and popular games like Minecraft and Runescape.
- While some data was previously available online, 14% of exposed username/passwords pairs had not previously been decrypted by the community and are now available in clear text.
Easy-to-Use Data
Particularly concerning is how easy this data is to use for any would-be hacker. 4iQ reports that the interactive database allows for fast (one-second response) searches and new breach imports. Given the fact that people reuse passwords, hackers can automate account hijacking or account takeover.
The increase in cybercrime-as-a-service – with kits and technical support available via online marketplaces – means that it doesn’t take a tech genius to do damage using hacked data.
For more, click here.
Recommended Posts
BGD e-GOV CIRT এর আয়োজনে আয়োজনে আর্থিক প্রতিষ্ঠান ও CII সমূহের সাইবার ড্রিল ২০২৩ চূড়ান্ত পর্ব অনুষ্ঠিত
22 Oct 2023 - Articles, Bangla Articles, CIRT In Media, News, News Clipping

WhatsApp down for millions of users globally: App not working for group and individual chats; Twitter gets flooded with memes
25 Oct 2022 - News, News Clipping
সাইবার-নিরাপত্তা-সূচকে-এগিয়েছে-বাংলাদেশ
30 Jun 2021 - CIRT In Media, News Clipping