Millions Of Compromised Accounts Discovered On The Dark Web

The Dark Web is a strange place where one can conduct all sorts of illegal activities including selling illegal drugs, weapons, social security numbers, documents and stolen data. 

Recently, the social engineering experts at breach notification website Hacked-DB discovered a massive trove of data containing login credentials of millions of users on the dark web.

In total, Hacked-DB say they have discovered 3,000 databases containing 200 million unique user accounts including containing email addresses, potential personally identifiable information, potential financial accounts, unique IP addresses, unique account identifiers and other highly sensitive information linked to organizations and individuals all around the world.

The vast majority of these compromised databases were not detected prior to this leak and the overall size of the files leaked is 9GB. The leak includes databases from 2011 to today in 2018, and the information includes personal accounts with clear text or hashed passwords that can easily be reversed to the password itself. Hacked-DB Chief Operation Officer Mr. Yogev Mizrahi told HackRead that: “This leak is extremely interesting from a hacker’s point of view since it can potentially give adversaries a fairly large ground of identities to work with when it comes to identifying theft and such”.

Hacked-DB CEO Mr. Chen Heffer said that “These leaks go mostly under the radar since they are not published to the public anywhere and by no one. Our team of white hat hackers in Hacked-DB work 24/7 in looking for this type of information in the dark web to bring the value-add to our clients and help organisations protect their IP and identities”.

What might be worrisome is the fact that the data is available for anyone to download on a file-sharing website and it is only a matter of time before malicious actors get their hands on it.

Previously, owner of HaveIbeenPwned Troy Hunt discovered Anti Public Combo List and Exploit.in dumps with billions of user accounts and just a few days after, both lists were available for download on the Dark Web and hacking forums.

Moreover, In December last year, 4iQ researchers also discovered a 41GB data file containing 1.4 billion billion login credentials including emails and passwords in clear-text format. 

The recent finding from Hacked-DB shows there is a ton of data on the Dark Web which poses a massive threat to the user as well as the targeted firms since either none of them have any idea about the breach or the companies are hiding it from users.

HackRead

You Might Also Read: 

What Is the Dark Web? Can You Access It?:

Is Your Data Being Sold On The Dark Web?:


 

« Eight Reasons Why Facebook Has Peaked
Foreign Interference In US Elections 'Will be repeated' »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Irish Reporting & Information Security Service (IRISS)

Irish Reporting & Information Security Service (IRISS)

IRISS-CERT is Ireland's first CSIRT (Computer Security Incident Response Team) to provide services to all users within Ireland.

Deceptive Bytes

Deceptive Bytes

Deceptive Bytes provides an Active Endpoint Deception platform that dynamically responds to attacks as they evolve and changes their outcome.

C2A Security

C2A Security

C2A Security offers a comprehensive suite of cyber security solutions for the automotive industry, providing in-vehicle end-to-end protection.

Caulis

Caulis

Caulis FraudAlert is a cyber security solution. It can detect fraud and identity theft based on users’ online behaviour.

International Data Sanitization Consortium (IDSC)

International Data Sanitization Consortium (IDSC)

IDSC is a group composed of individuals and companies dedicated to standardizing terminology and practices across the data sanitization industry.

Absolute IT Asset Disposals

Absolute IT Asset Disposals

Absolute IT Asset Disposals is an IT asset disposal (ITAD) company providing safe and secure recycling of IT assets.

ConvergeOne

ConvergeOne

ConvergeOne is a leading global IT services provider of collaboration and technology solutions including cybersecurity.

T-REX

T-REX

T-REX is a coworking space, technology incubator, and entrepreneur resource center for technology startups.

Bechtle

Bechtle

Bechtle is one of Europe’s leading IT service providers offering a blend of direct IT product sales and extensive systems integration services.

Paradyn

Paradyn

Paradyn-managed security services can provide a holistic view of your business environment, no matter how simple or complex it is.

Graylog

Graylog

Graylog provides answers to your team’s security, application, and IT infrastructure questions by enabling you to combine, enrich, correlate, query, and visualize all your log data in one place.

META-Cyber

META-Cyber

META-cyber was founded by engineers with experience in process and control-protection to provide cyber security for industrial infrastructure.

Binarly

Binarly

Binarly has developed an AI-powered platform to protect devices against emerging firmware threats.

Security Awareness Special Interest Group (SASIG)

Security Awareness Special Interest Group (SASIG)

The Security Awareness Special Interest Group (SASIG) addresses the human aspects of security and fraud prevention in an initiative to improve trust and confidence in the online environment.

Brightside AI

Brightside AI

Brightside AI is a Swiss cybersecurity SaaS that helps teams combat AI-enabled phishing threats. Protect your team today.

Seal Security

Seal Security

Seal Security revolutionizes software supply chain security operations, empowering organizations to automate and scale their open source vulnerability remediation and patch management.