SafeUM
Home Blog Services Download Help About Recharge

Axarhöfði 14, 110 Reykjavik, Iceland

Iceland - 2015
SafeUM
Blog
Services
Download
Help
About
Recharge
Menu
Archive
TOP Security!
9 Mar 2017

Hacker selling over 1 million decrypted Gmail and Yahoo passwords on dark web

In past year, billions of accounts from popular sites and services, including LinkedIn, MySpace, Yahoo!, VK.com, Last.FM, were exposed on the Internet.

Hardly a day goes without headlines about any significant data breach. Now, according to the recent news, login credentials and other personal data linked to more than one Million Yahoo and Gmail accounts are reportedly being offered for sale on the dark web marketplace.

The online accounts listed for sale on the Dark Web allegedly contain usernames, emails, and plaintext passwords. The accounts are not from a single data breach; instead, several major cyber-attacks believed to have been behind it. The hacker going by the online handle 'SunTzu583' has listed a number of cracked email packages on a series of dark websites.

Here's the full list of accounts and their prices:

  •     100,000 Yahoo accounts acquired from 2012 Last.FM data breach, for 0.0084 Bitcoins ($10.76).
  •     Another 145,000 Yahoo accounts acquired from two separate data breaches – the 2013 Adobe data breach and the 2008 MySpace breach – for 0.0102 Bitcoins (USD 13.75).
  •     500,000 Gmail accounts from the 2008 MySpace hack, the 2013 Tumblr breach, and the 2014 Bitcoin Security Forum breach for 0.0219 Bitcoins ($28.24).
  •     Another 450,000 Gmail accounts for 0.0201 BTC (USD 25.76), which came from various other data breaches in Dropbox, Adobe, and others that took place between 2010 and 2016.
     

Last.FM data breach from 2012 exposed 43 million user accounts that were publicly released in September last year. Adobe breach from October 2013 exposed over 153 million accounts containing internal IDs, usernames, emails, encrypted passwords and a password hint in plain text. MySpace data breach from 2008 exposed 360 million user accounts, containing usernames, emails and their decrypted (plaintext) passwords, which were leaked on the dark web in 2016.

Google’s Gmail email service is known to be one of the most secure email services, but no company can secure their accounts from hackers due to a third party data breach. Millions of Gmail accounts, in which usernames, emails, and plaintext passwords were exposed, were stolen in multiple data breaches in Bitcoin Security Forum, Tumblr, Last.fm, 000webhost, Adobe, Dropbox, Flash Flash Revolution, LookBook and Xbox360 ISO, happened between 2008 and 2016.

The data listed for sale by SunTzu583 has not been independently verified, but has reportedly been checked by matching it to the data on a number of data breach notification platforms, including Hacked-DB and HaveIBeenPwned.

Here's What All You Can Do:

Needless to say, you should immediately change almost all your account passwords at least once. Also enable two-factor authentication for all your online accounts immediately. And once again, a strong recommendation: Don't Reuse Passwords. Also, you are recommended to change your password every few months, which limits how long a stolen password is useful to a hacker. Since no one can remember and recreate strong passwords for every single online account regularly, the best practice is to use a good password manager. It will generate, store and change regularly strong, unique passwords for all your accounts.

Tags:
Yahoo Gmail information leaks
Source:
The Hacker News
2062
Other NEWS
3 Jul 2020 safeum news imgage An encrypted messaging service has been infiltrated by police
4 May 2020 safeum news imgage Two-Factor Authentication ​What Is It and Why You Should Use It
12 Dec 2019 safeum news imgage Encryption is under threat - this is how it affects you
4 Nov 2019 safeum news imgage Should Big Decisions Be Based on Data or Your Intuition?
7 Jun 2018 safeum news imgage VPNFilter malware infecting 500,000 devices is worse than we thought
4 Jun 2018 safeum news imgage Hackers target Booking.com in criminal bid to steal hundreds of thousands from customers
1 Jun 2018 safeum news imgage Operator of World's Top Internet Hub Sues German Spy Agency
30 May 2018 safeum news imgage US says North Korea behind malware attacks
29 May 2018 safeum news imgage Facebook and Google targeted as first GDPR complaints filed
25 May 2018 safeum news imgage A new reason to not buy these cheap Android devices
24 May 2018 safeum news imgage Flaws in smart pet devices, apps could come back to bite owners
23 May 2018 safeum news imgage Google sued for 'clandestine tracking' of 4.4m UK iPhone users' browsing data
21 May 2018 safeum news imgage LocationSmart reportedly leaked phone location data onto the web
18 May 2018 safeum news imgage The SEC created its own scammy ICO to teach investors a lesson
17 May 2018 safeum news imgage Thieves suck millions out of Mexican banks in transfer heist
All news
SafeUM
Confidential Terms of Use Our technologies Company
Follow us
Download
SafeUM © Safe Universal Messenger

Axarhöfði 14,
110 Reykjavik, Iceland

Iceland - 2015