Millions Of Compromised Accounts Discovered On The Dark Web

The Dark Web is a strange place where one can conduct all sorts of illegal activities including selling illegal drugs, weapons, social security numbers, documents and stolen data. 

Recently, the social engineering experts at breach notification website Hacked-DB discovered a massive trove of data containing login credentials of millions of users on the dark web.

In total, Hacked-DB say they have discovered 3,000 databases containing 200 million unique user accounts including containing email addresses, potential personally identifiable information, potential financial accounts, unique IP addresses, unique account identifiers and other highly sensitive information linked to organizations and individuals all around the world.

The vast majority of these compromised databases were not detected prior to this leak and the overall size of the files leaked is 9GB. The leak includes databases from 2011 to today in 2018, and the information includes personal accounts with clear text or hashed passwords that can easily be reversed to the password itself. Hacked-DB Chief Operation Officer Mr. Yogev Mizrahi told HackRead that: “This leak is extremely interesting from a hacker’s point of view since it can potentially give adversaries a fairly large ground of identities to work with when it comes to identifying theft and such”.

Hacked-DB CEO Mr. Chen Heffer said that “These leaks go mostly under the radar since they are not published to the public anywhere and by no one. Our team of white hat hackers in Hacked-DB work 24/7 in looking for this type of information in the dark web to bring the value-add to our clients and help organisations protect their IP and identities”.

What might be worrisome is the fact that the data is available for anyone to download on a file-sharing website and it is only a matter of time before malicious actors get their hands on it.

Previously, owner of HaveIbeenPwned Troy Hunt discovered Anti Public Combo List and Exploit.in dumps with billions of user accounts and just a few days after, both lists were available for download on the Dark Web and hacking forums.

Moreover, In December last year, 4iQ researchers also discovered a 41GB data file containing 1.4 billion billion login credentials including emails and passwords in clear-text format. 

The recent finding from Hacked-DB shows there is a ton of data on the Dark Web which poses a massive threat to the user as well as the targeted firms since either none of them have any idea about the breach or the companies are hiding it from users.

HackRead

You Might Also Read: 

What Is the Dark Web? Can You Access It?:

Is Your Data Being Sold On The Dark Web?:


 

« Eight Reasons Why Facebook Has Peaked
Foreign Interference In US Elections 'Will be repeated' »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

HUB International

HUB International

HUB is one of the largest insurance brokers in the world. HUB Risk Services provides the full range of expert consulting to identify risks, reduce exposure to loss and manage claims issues.

Cyber Exec

Cyber Exec

Cyber Exec is an executive search firm dedicated to global talent acquisition in Cyber Security, Information Technology, Defense...

CERT Syria

CERT Syria

CERT Syria is the national Computer Emergency Response Team for Syria.

Nubo Software

Nubo Software

Nubo’s Virtual Mobile Infrastructure creates a virtual corporate device on your employee smartphones and tablets. Enable unlimited mobility without leaving any data at risk.

Redjack

Redjack

Redjack is a cutting-edge network analytics company focused on enterprise and ISP security and intelligence solutions.

Injazat

Injazat

Injazat Data Systems is an industry recognized market leader in the Gulf region for Information Technology, Data Center and Managed Services.

Maven Security Consulting

Maven Security Consulting

Maven Security Consulting helps companies secure their information assets and digital infrastructure by providing a wide range of customized consulting and training services.

AaDya

AaDya

AaDya provide smart, simple, affordable and effective cybersecurity software solutions for small and medium businesses.

Alertot

Alertot

Hackers attack minutes after a new vulnerability is published. Alertot helps to decrease exposure time in organizations by notifying new issues when they are disclosed.

Cyber Security for Europe (CyberSec4Europe)

Cyber Security for Europe (CyberSec4Europe)

CyberSec4Europe is designing, testing and demonstrating potential governance structures for a European Cybersecurity Competence Network.

StateRAMP

StateRAMP

StateRAMP reduces risk from unsecure cloud solutions and protects data by providing State and local governments a standardized approach for verifying and monitoring security postures.

Incognia

Incognia

Incognia have created a ubiquitous private identity based on location behavior, that enables a personalized frictionless experience with mobile apps and connected devices.

Krista Software

Krista Software

Krista is an intelligent automation platform that combines iPaaS and Conversational AI to automate complete business processes across your teams and apps.

Techsolidity

Techsolidity

Techsolidity is an emerging e-learning platform that offers a wide range of upskilling programs worldwide in areas including cybersecurity.

Turk Telekom

Turk Telekom

Turk Telekom is the first integrated telecommunications operator in Turkey.

Lineaje

Lineaje

Lineaje solves critical Software Supply Chain security problems faced by every organization that builds, uses or sells software.