First LinkedIn, Now Twitter ... Hacked User IDs For Sale

Uploaded on 2016-06-13 in TECHNOLOGY-Key Areas-Social Media, TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW

There is yet another hack for users of popular social media sites to worry about. Hackers may have used malware to collect more than 32 million Twitter login credentials that are now being sold on the dark web. Twitter says that its systems have not been breached.

“We are confident that these usernames and credentials were not obtained by a Twitter data breach – our systems have not been breached. In fact, we’ve been working to help keep accounts protected by checking our data against what’s been shared from recent other password leaks,” a Twitter spokesperson said.

LeakedSource, a site with a search engine of leaked login credentials, said in a blog post that it received a copy of the user information from “Tessa88@exploit.im,” the same alias used by the person who hacked the data from a Russian social media site.

Other major security compromises which have hit the news recently include a Myspace hack that involved over 360 million accounts, possibly making it the largest one ever, and the leak of 100 million LinkedIn passwords stolen in 2012.

LeakedSource says the cache of Twitter data contains 32,888,300 records, including email addresses, usernames, and passwords. LeakedSource has added the information to its search engine, which is paid but lets people remove leaked information for free.

Based on information in the data (including the fact that many of the passwords are displayed in plaintext), LeakedSource believes that the user credentials were collected by malware infecting browsers like Firefox or Chrome rather than stolen directly from Twitter. Many of the affected users appear to be in Russia—six of the top 10 email domains represented in the database are Russian, including mail.ru and yandex.ru.

Even though Mark Zuckerberg got several of his non-Facebook social media accounts hacked this week, including Twitter, his information wasn’t included in this data set, LeakedSource claims. Zuckerberg was ridiculed for appearing to reuse “dadada” as his password on multiple sites, but results from LeakedSource’s data analysis shows that many people are much less creative. The most popular password, showing up 120,417 times, was “123456,” while “password” appears 17,471 times. An analysis of the VK data also turned up similar results.

In a statement to TechCrunch, Twitter suggested that the recent hijacking of accounts belonging to Zuckerberg and other celebrities was due to the re-use of passwords leaked in the LinkedIn and Myspace breaches.

“A number of other online services have seen millions of passwords stolen in the past several weeks. We recommend people use a unique, strong password for Twitter,” a Twitter spokesperson said. Twitter suggests that users follow the suggestions in its help center to keep their accounts secure. Twitter also posted on its @Support account that it is auditing its data against recent database dumps.

LeakedSource said that it determined the validity of the leaked data by asking 15 users to verify their passwords. All 15 confirmed that the passwords listed for their accounts were correct. However, experts cautioned that the data may not be legitimate.

Michael Coates, Twitter’s trust and information security officer, tweeted that he is confident the social media platform’s systems have not been compromised.

We have investigated reports of Twitter usernames/passwords on the dark web, and we're confident that our systems have not been breached.

“We securely store all passwords w/ bcrypt,” Coates added, referencing a password hashing function considered secure. “We are working with LeakedSource to obtain this info & take additional steps to protect users,” he continued.

Troy Hunt, the creator of a site that catalogs breaches called haveibeenpwned.com, also expressed skepticism about the authenticity of the data. Hunt told TechCrunch that he’d heard rumors of breaches at Twitter and Facebook for several weeks but had yet to see convincing proof. “They may well be old leaks if they’re consistent with the other big ones we’ve seen and simply haven’t seen the light of day yet. Incidentally, the account takeovers we’ve seen to date are almost certainly as a result of credential reuse across other data breaches,” Hunt said.

Whether or not the leaked Twitter credentials are authentic, it never hurts to change your password — especially if you use the same password across several sites. Turning on two-factor authentication also helps keep your account secure, even if your password is leaked.

TechCrunch:

« The FBI Is Looking For A Fight Over Encryption
MI5's Uncontrolled Bulk Data Collection »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

SecureWorks

SecureWorks

SecureWorks provides intelligence-driven security solutions for organizations to prevent, detect, rapidly respond and predict cyberattacks.

Security Audit Systems

Security Audit Systems

Security Audit Systems is a website security specialist providing website security audits and managed web security services.

General Dynamics Information Technology (GDIT)

General Dynamics Information Technology (GDIT)

General Dynamics IT delivers cyber security services to defend critical information and infrastructure.

Leibniz-Rechenzentrum (LRZ)

Leibniz-Rechenzentrum (LRZ)

The LRZ supports ground-breaking research and teaching in a wide range of scientific disciplines including information security and data protection.

SecurityScorecard

SecurityScorecard

SecurityScorecard provides the most accurate security ratings & continuous risk monitoring for vendor and third party risk management.

OutThink

OutThink

OutThink is a web-based platform (SaaS) that has been developed specifically to identify and reduce risky workforce behaviours and build a risk aware culture.

Capsule8

Capsule8

Capsule8 is the only company providing high-performance attack protection for Linux production environments.

ACET Solutions

ACET Solutions

ACET Solutions delivers a wide range of Automation, Cyber Security and Enterprise IT/OT Integration Solutions to industrial clients.

Pillar Technology Partners

Pillar Technology Partners

Pillar Technology Partners is an Information Security Company with a focus on improving Cyber Risk and optimizing the processes and technology that underpin the security of your information assets.

Mirai Security

Mirai Security

Mirai Security are a cyber security company that specializes in Governance, Risk Management and Compliance, Cloud Security and Application Security.

Virtual Infosec Africa (VIA)

Virtual Infosec Africa (VIA)

Virtual InfoSec Africa (VIA) is a wholly-owned Ghanaian company specializing in information security and cybersecurity solutions and services.

ArmorPoint

ArmorPoint

ArmorPoint redefines the traditional approach to cybersecurity by combining network operations, security operations, and SIEM technology in one platform.

Next DLP

Next DLP

Next DLP (formerly Jazz Networks) is a leading provider of insider risk and data protection solutions.

OpenAI

OpenAI

OpenAI is an AI research and deployment company dedicated to ensuring that general-purpose artificial intelligence benefits all of humanity.

BARR Advisory

BARR Advisory

At BARR Advisory, we build trust through cyber resilience. We help protect the world’s data, people, and information networks through a human-first approach to cybersecurity and compliance.

National Centre for Digital Security (CNSD) - Peru

National Centre for Digital Security (CNSD) - Peru

The National Center for Digital Security manages and supervises the operation of Digital Security in Peru in order to strengthen digital trust.