UPDATED 23:54 EDT / MARCH 07 2017

INFRA

More than 1 million decrypted Gmail and Yahoo accounts are for sale on the dark web

More than 1 million usernames, emails and decrypted passwords of Gmail and Yahoo accounts have been found on sale in a dark web marketplace.

According to reports, a dark web seller who goes by the name of SunTzu583 is offering to sell 100,000 Yahoo accounts from the 2012 Last.fm data breach, 145,000 Yahoo accounts from the 2013 Adobe breach, and accounts from the 2008 MySpace hack. The accounts are being individually offered for sale at between 0.0079 bitcoin ($9.33) and 0.0102 bitcoin ($12.04) each.

In addition, the same seller is offering 500,000 Gmail accounts from the 2008 MySpace hack, the 2013 Tumblr hack and a 2014 bitcoin security forum breach, along with an additional 450,000 Gmail accounts obtained from data breaches between 2010 and 2016. The data has been confirmed through websites such as HaveIBeenPwned as well as by attempting to enter the information into login pages.

Hacking news site Hack Read contacted a number of users who have their login credentials mentioned in the sample data and with their permission, the site attempted logging into different platforms including MySpace, Dropbox and Tumblr. In many cases, it was unable to access the accounts mentioned, but only due to the users having changed their passwords or the accounts being suspended because the users failed to change passwords after the breaches occurred.

“Although the data is old … it poses a massive security threat for victims since it is in clear text format and available altogether at one place,” the publication noted.

Users who are concerned about the security of their Gmail or Yahoo accounts are being advised again to change their passwords immediately. They also should also consider enabling two-factor authentication where it is offered to add an additional layer of security to online services. In that case, an attempted login from an unknown or unverified device or machine requires a unique, onetime code sent to a mobile device to be entered with the password for that device or machine to gain access to the account.

Image: Pixabay

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU

Cookies

We employ the use of cookies. Find out more.