Millions Of Compromised Accounts Discovered On The Dark Web

Uploaded on 2018-02-27 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW

The Dark Web is a strange place where one can conduct all sorts of illegal activities including selling illegal drugs, weapons, social security numbers, documents and stolen data. 

Recently, the social engineering experts at breach notification website Hacked-DB discovered a massive trove of data containing login credentials of millions of users on the dark web.

In total, Hacked-DB say they have discovered 3,000 databases containing 200 million unique user accounts including containing email addresses, potential personally identifiable information, potential financial accounts, unique IP addresses, unique account identifiers and other highly sensitive information linked to organizations and individuals all around the world.

The vast majority of these compromised databases were not detected prior to this leak and the overall size of the files leaked is 9GB. The leak includes databases from 2011 to today in 2018, and the information includes personal accounts with clear text or hashed passwords that can easily be reversed to the password itself. Hacked-DB Chief Operation Officer Mr. Yogev Mizrahi told HackRead that: “This leak is extremely interesting from a hacker’s point of view since it can potentially give adversaries a fairly large ground of identities to work with when it comes to identifying theft and such”.

Hacked-DB CEO Mr. Chen Heffer said that “These leaks go mostly under the radar since they are not published to the public anywhere and by no one. Our team of white hat hackers in Hacked-DB work 24/7 in looking for this type of information in the dark web to bring the value-add to our clients and help organisations protect their IP and identities”.

What might be worrisome is the fact that the data is available for anyone to download on a file-sharing website and it is only a matter of time before malicious actors get their hands on it.

Previously, owner of HaveIbeenPwned Troy Hunt discovered Anti Public Combo List and Exploit.in dumps with billions of user accounts and just a few days after, both lists were available for download on the Dark Web and hacking forums.

Moreover, In December last year, 4iQ researchers also discovered a 41GB data file containing 1.4 billion billion login credentials including emails and passwords in clear-text format. 

The recent finding from Hacked-DB shows there is a ton of data on the Dark Web which poses a massive threat to the user as well as the targeted firms since either none of them have any idea about the breach or the companies are hiding it from users.

HackRead

You Might Also Read: 

What Is the Dark Web? Can You Access It?:

Is Your Data Being Sold On The Dark Web?:


 

« Eight Reasons Why Facebook Has Peaked
Foreign Interference In US Elections 'Will be repeated' »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Potomac Institute for Policy Studies

Potomac Institute for Policy Studies

Potomac Institute undertakes research on key science, technology, and national security issues facing society, Study areas include cybersecurity.

Yokogawa Electric

Yokogawa Electric

Yokogawa is an electrical engineering company providing measurement, control, and information technologies including industrial cyber security.

DCIT

DCIT

DCIT is a specialist in providing comprehensive consulting and auditing services in the field of information technology, PROVYS development software and security system AuditSquare.

FoxGuard Solutions

FoxGuard Solutions

FoxGuard Solutions develops customized cyber security, compliance and industrial computing solutions for critical infrastructure entities and control system vendors.

Infosistem

Infosistem

Infosistem is a Croatian ICT company with extensive expertise and experience in enterprise and SMB ICT projects and solutions.

Haventec

Haventec

Haventec’s internationally patented technologies reduce cyber risk and enable pervasive trust services with a decentralised approach to authentication.

HOBI International

HOBI International

HOBI International is a leading mobile, IT and data center asset management provider with solutions for device management, reverse logistics, data erasure, refurbishment and recycling.

Sonrai Security

Sonrai Security

Sonrai Security delivers an enterprise security platform focused on identity and data protection inside AWS, Azure, and Google Cloud.

StackHawk

StackHawk

StackHawk is built to help dev teams ship secure code. Find and fix bugs early before they become vulnerabilities in production.

SolCyber

SolCyber

SolCyber, a Forgepoint company, is the first modern MSSP to deliver a curated stack of enterprise strength security tools and services that are accessible and affordable for any organization.

SharkStriker

SharkStriker

SharkStriker is a US based managed security services provider with SOCs and offices across the globe.

Punk Security

Punk Security

Punk Security are specialists in integrating security into DevOps pipelines, enabling rapid and secure development.

Antigen Security

Antigen Security

Antigen Security is a Digital Forensics, Incident Response and Recovery Engineering firm helping businesses and service providers prepare for, respond to, and recover from cyber threats.

Imprivata

Imprivata

Imprivata is the digital identity company for life- and mission-critical industries, redefining how organizations solve complex workflow, security, and compliance challenges.

PolySwarm

PolySwarm

PolySwarm is a crowdsourced threat intelligence marketplace that provides a more effective way to detect, analyze and respond to the latest threats.

Kahootz

Kahootz

Kahootz is a highly secure cloud collaboration platform helping teams to work together across organisations.