Millions Of Compromised Accounts Discovered On The Dark Web

The Dark Web is a strange place where one can conduct all sorts of illegal activities including selling illegal drugs, weapons, social security numbers, documents and stolen data. 

Recently, the social engineering experts at breach notification website Hacked-DB discovered a massive trove of data containing login credentials of millions of users on the dark web.

In total, Hacked-DB say they have discovered 3,000 databases containing 200 million unique user accounts including containing email addresses, potential personally identifiable information, potential financial accounts, unique IP addresses, unique account identifiers and other highly sensitive information linked to organizations and individuals all around the world.

The vast majority of these compromised databases were not detected prior to this leak and the overall size of the files leaked is 9GB. The leak includes databases from 2011 to today in 2018, and the information includes personal accounts with clear text or hashed passwords that can easily be reversed to the password itself. Hacked-DB Chief Operation Officer Mr. Yogev Mizrahi told HackRead that: “This leak is extremely interesting from a hacker’s point of view since it can potentially give adversaries a fairly large ground of identities to work with when it comes to identifying theft and such”.

Hacked-DB CEO Mr. Chen Heffer said that “These leaks go mostly under the radar since they are not published to the public anywhere and by no one. Our team of white hat hackers in Hacked-DB work 24/7 in looking for this type of information in the dark web to bring the value-add to our clients and help organisations protect their IP and identities”.

What might be worrisome is the fact that the data is available for anyone to download on a file-sharing website and it is only a matter of time before malicious actors get their hands on it.

Previously, owner of HaveIbeenPwned Troy Hunt discovered Anti Public Combo List and Exploit.in dumps with billions of user accounts and just a few days after, both lists were available for download on the Dark Web and hacking forums.

Moreover, In December last year, 4iQ researchers also discovered a 41GB data file containing 1.4 billion billion login credentials including emails and passwords in clear-text format. 

The recent finding from Hacked-DB shows there is a ton of data on the Dark Web which poses a massive threat to the user as well as the targeted firms since either none of them have any idea about the breach or the companies are hiding it from users.

HackRead

You Might Also Read: 

What Is the Dark Web? Can You Access It?:

Is Your Data Being Sold On The Dark Web?:


 

« Eight Reasons Why Facebook Has Peaked
Foreign Interference In US Elections 'Will be repeated' »

Directory of Suppliers

Information Systems Security Association (ISSA)

Information Systems Security Association (ISSA)

the Information Systems Security Association (ISSA) is an international organization of information security professionals and practitioners.

Eversheds PrivacyLaw

Eversheds PrivacyLaw

Eversheds is an international law firm covering a broad range of practice areas including privacy and data protection.

InfoSec World

InfoSec World

InfoSec World conference and expo covers all aspects of information security with a broad agenda of sessions on key security issues.

Secure Thingz

Secure Thingz

Secure Thingz focus on developing and delivering advanced security solutions into the emerging Industrial Internet of Things (IIoT) and Critical Infrastructure markets.

Sucuri

Sucuri

Sucuri provide a complete website security solution to protect against hacks and clean up after security incidents.

InfoArmor

InfoArmor

InfoArmor delivers information protection solutions, intelligence and investigative services to help businesses fight evolving online threats.

Kernelios

Kernelios

Kernelios is a simulator-based training center and an incubator for cyber experts worldwide.

KPN

KPN

KPN is a leading supplier of ICT services including Cyber Security, Identity & Privacy, Secure Communications and Business Continuity.

DataSunrise

DataSunrise

DataSunrise Data-Centric high-performance security software protects the sensitive data in real-time in cloud or on premises, and helps organizations to stay compliant.

DefenseStorm

DefenseStorm

DefenseStorm is a Security Data Platform that watches everything on your network and matches it to your policies, providing cybersecurity management that is safe, compliant and cost effective.

SynerComm

SynerComm

SynerComm is an IT solution provider specializing in network and security infrastructure, enterprise mobility, remote access, wireless solutions, audit, pentesting and information assurance.

HYPR

HYPR

HYPR Decentralized Authentication minimizes the risk of enterprise data breaches while providing an enhanced user experience for your customers and employees.

Saudi National Security & Risk Prevention Expo (SNSR)

Saudi National Security & Risk Prevention Expo (SNSR)

SNSR Expo is held under the theme of “shaping the future of national security & risk prevention” with the aim of bringing together international businesses with the Saudi Government.

Boxtrap Security

Boxtrap Security

Boxtrap delivers high-end technical advisory and services focused on various information security disciplines.

Templar Executives

Templar Executives

Templar Executives is a leading, expert and dynamic Cyber Security company trusted by Governments and multi-national organisations to deliver business transformation.