![]() Part of the problem is that we often treat online accounts "throwaways." We create them without giving much thought to how an attacker could use information in that account - which we don't care about - to comprise one that we do care about. If not on the site that was originally compromised, then at another one where the same person created an account. Because people tend to re-use their passwords - and because many don't react quickly to breach notifications - a good number of these credentials are likely to still be valid. ![]() That doesn't make the data any less useful to cybercriminals. Some of these breaches happened quite a while ago and the stolen or leaked passwords have been circulating for some time. 4iQ's screenshot shows dumps from Netflix, Last.FM, LinkedIn, MySpace, dating site Zoosk, adult website YouPorn, as well as popular games like Minecraft and Runescape. ![]() The usernames and passwords have been collected from a number of different sources. Where did the 1.4 billion records come from? The data is not from a single incident. Everything is neatly organized and alphabetized, too, so it's ready for would-be hackers to pump into so-called "credential stuffing" apps ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |