100 Million Records on Sale after Russian Social Networking Site Breach
100 million accounts, including user names, logins and phone numbers, were allegedly stolen in a VK.com hack, then put on sale for US$580 in bitcoins, LeakedSource reported.
As the Russian social networking site was breached approximately three or four years ago and it is common for hackers to attempt to sell fake lists, LeakedSource is currently investigating the legitimacy of these accounts.
LeakedSource received the database from a user with the alias Tessa88[at]exploit.im, the hacker who tried to sell stolen MySpace credentials. The data repository from the LinkedIn, MySpace.com, Badoo.com and VK.com breaches is available and users are encouraged to check if their credentials have been compromised.
The 55 most-used passwords are also available for review and, although users are constantly warned about the importance of strong passwords, the most common is “123456”Â.
“Passwords were stored in plaintext with no encryption or hashing,” the search-engine found. “The methods VK used for storing passwords are not what internet standards propose because hackers can now see all 100 million passwords used on the site.”
Following a number of requests, LeakedSource is working on launching a business API that companies can use to check if their users’ credentials were leaked.
The Holiday Guide to Tech Support: Fixing the Family Computer
November 24, 2021
Bitdefender Celebrates 20 Years of Cybersecurity Leadership
November 04, 2021
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords
October 26, 2021
What are drive-by download attacks and how do you prevent them?
October 25, 2021
Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks
October 22, 2021
Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals
October 20, 2021