Date: 2019-12-12


Over One Billion Email-Password Combos Leaked Online

Billions of email addresses and plain text passwords have been leaked online by an unnamed party, putting countless internet users at risk from credential stuffing and other attacks.

Security researcher Bob Diachenko discovered the unsecured Elasticsearch database on December 4, although it had first been indexed by the BinaryEdge search engine, and was therefore publicly available, from the very start of the month.

After he notified the US-based ISP hosting the IP address, access to the database was eventually disabled on December 9, giving potential hackers more than enough time to harvest the trove of log-in data.

In total, the database contained 2.7 billion email addresses, and plain text passwords for more than one billion of them — providing a perfect starting point for a credential stuffing campaign.

Working with Comparitech, Diachenko deduced that much of the data was harvested from a 2017 listing by a hacker known as “DoubleFlag.” Dubbed “The Big Asian Leak,” it included breached credentials from multiple internet companies from the region, including NetEase, Tencent, Sohu, and Sina.

The new 1.5TB leak features mainly emails from Chinese domains including qq.com, 139.com, 126.com, gfan.com, and game.sohu.com, although there is a smattering of Gmail and Yahoo addresses, according to Comparitech.

“Because many Chinese people have difficulty reading English characters, they often use their phone numbers or other numerical identifiers as usernames. Therefore, we can assume many of these email addresses also contain phone numbers,” wrote the firm’s privacy advocate, Paul Bischoff.

It’s unclear who the owner of the exposed database is; it could theoretically have been set up as the first stage in a credential stuffing or even a spam campaign.

The implications stretch beyond the security of victims’ personal accounts, according to Vinay Sridhara, CTO of Balbix.

“Since many employees share passwords between their work and personal accounts, this leak is not only problematic for the individuals who own the accounts, but a big risk for enterprises globally as well,” he argued.

“Enterprises should use this as an opportunity to scan for password reuse immediately, and on an ongoing basis, to limit their exposure to this incident.”
