More Than 3 Billion Accounts' Details Hacked and Up for Sale. Are You At Risk?

Since the start of 2019, there have been a series of security breaches, or customer details compromised. Collection #1 was breached in January where 1 billion email addresses and passwords hacked were posted on the hacking forum. Then collection 2-5 emerged which included a total of 2.2 billion hacked account details.

Recently, 617 million accounts’ details from 16 hacked websites were posted on the dark website to be sold. These details can be accessed by spending around $20,000 in bitcoin, and are available from Dream Market cyber-souk, in Tor Network.

This seems to be a legit issue, a record from multi-gigabytes databases have been stolen. According to The Register investigation, data mainly consist of account user’s name, email address, and password. Only thing is that the password needs to be cracked by the cybercriminals. There is no bank information leaked but other personal data and location may also be hacked.

The details are reserved for the attackers who are willing to perform credential stuffing attacks. If they succeed in doing so, some other weak passwords may also be cracked on another big site. This is to look out for people who have been using the same password on different sites.

The list of hacked sites is also available, holding some previously hacked while some are recently added to the updated list. There are a few sites which are unaware of their hacked accounts. The list can be seen below:

Dubsmash (162 million accounts data)

MyFitnessPal (151 million accounts data)

MyHeritage (92 million accounts data)

ShareThis ( 41 million accounts data)

HauteLook (28 million accounts data)

Animoto (25 million accounts data)

EyeEm (22 million accounts data)

8fit (20 million accounts data)

Whitepages (18 million accounts data)

Fotolog (16 million accounts data)

500px (15 million accounts data)

Armor Games (11 million accounts data)

BookMate (8 million accounts data)

CoffeeMeetsBagel (6 million accounts data)

Artsy (1 million accounts data)

DataCamp (700,000 accounts data)

If you are associated with any of these services or have an account, it is highly advised to change your password right away. If the same password is used on any other site, it needs to change there too. Also, use two-step verification whenever possible.

500px.com a community for photographers also confirmed that the site was affected by a recent data breach.

Keeping in mind the hacking activities, it is important to make a strong password. A password manager like 1Password and Dashlane or Safari keychain for Apple user can be used.

HaveIBeenPwned, a site run by security researcher Troy Hunt, could be helpful in checking by entering your email address and password to check whether your security is compromised or not.

Be careful whenever you are giving your data anywhere. Consider where you are sharing your personal information and do not sign up to any service needlessly. Be sure to remove unauthentic and unverified third party applications and browser extensions.

Read Next: Google Chrome Informs You if Your Log In Information Has Been Stolen

Hackers Have Just Put Millions Of Accounts Up For Sale On The Dark Web — Are You On The List?
Photo: PeopleImages via Getty Images

No comments:

Post a Comment