#1 Trusted Cybersecurity News Platform
The Hacker News Logo
Subscribe to Newsletter

The Hacker News - Most Trusted Cyber Security and Computer Security Analysis: password leaked

Ukrainian Police Arrest Hacker Who Tried Selling Billions of Stolen Records

Ukrainian Police Arrest Hacker Who Tried Selling Billions of Stolen Records

May 20, 2020Swati Khandelwal
The Ukrainian police have arrested a hacker who made headlines in January last year by posting a massive database containing some 773 million stolen email addresses and 21 million unique plaintext passwords for sale on various underground hacking forums. In an official statement released on Tuesday, the Security Service of Ukraine (SBU) said it identified the hacker behind the pseudonym "Sanix," who is a resident of the Ivano-Frankivsk region of Ukraine, but it did not reveal his actual identity to the media. In January last year, the hacker tried to sell the massive 87-gigabyte database labeled as "the largest array of stolen data in history," which, according to security experts, was just a fraction of the stolen data Sanix collected. According to the authorities, Sanix had at least 6 more similar databases of stolen and broken passwords, totaling in terabytes in size, which also included billions of phone numbers, payment card details, and Social Secu
It's 3 Billion! Yes, Every Single Yahoo Account Was Hacked In 2013 Data Breach

It's 3 Billion! Yes, Every Single Yahoo Account Was Hacked In 2013 Data Breach

October 04, 2017Swati Khandelwal
The largest known hack of user data in the history just got tripled in size. Yahoo, the internet company that's acquired by Verizon this year, now believes the total number of accounts compromised in the August 2013 data breach, which was disclosed in December last year, was not 1 billion—it's 3 Billion . Yes, the record-breaking Yahoo data breach affected every user on its service at the time. Late last year, Yahoo revealed the company had suffered a massive data breach in August 2013, which affected 1 billion user accounts . The 2013 hack exposed user account information, including names, email addresses, telephone numbers, dates of births, hashed passwords (using MD5), and, in some cases, "encrypted or unencrypted security questions and answers," Yahoo said in 2016. At that time, Yahoo did confirm that hackers did not obtain bank account details or credit card information tied to the Yahoo accounts. The data breach was attributed to state-sponsored
Shadow Brokers Group Releases More Stolen NSA Hacking Tools & Exploits

Shadow Brokers Group Releases More Stolen NSA Hacking Tools & Exploits

April 08, 2017Mohit Kumar
Remember The Shadow Brokers ? They are back. A hackers group that previously claimed to have stolen a bunch of hacking tools (malware, zero-day exploits, and implants) created by the NSA and gained popularity last year for leaking a portion of those tools is back. Today, The Shadow Brokers group released more alleged hacking tools and exploits that, the group claims, belonged to " Equation Group " – an elite cyber attack unit linked to the NSA. Besides dumping some NSA's hacking tools back in August 2016, the Shadow Brokers also released an encrypted cache of files containing more NSA's hacking tools and exploits in an auction, asking for 1 Million Bitcoins (around $568 Million). However, after failed auction , the group put up those hacking tools and exploits for direct sale on an underground website, categorizing them into a type — like "exploits," "Trojans," and "implant" — each of which ranged from 1 to 100 Bitcoins (fr
20 Million Credentials Stolen From Russian Dating Site 'Topface'

20 Million Credentials Stolen From Russian Dating Site 'Topface'

January 26, 2015Wang Wei
A database containing details of more than 20 Million users of a Russian-based online dating website has been allegedly stolen by a hacker and made publicly available for sale through an online forum. A hacker using the online alias " Mastermind " on an online forum used by cybercriminals claims the responsibility of the hack into an unnamed online dating website, according to recent reports. The leaked credentials are claimed to be 100% valid in a posting to a paste site, and Daniel Ingevaldson, chief technology officer of Easy Solution, said that the list included email addresses from Hotmail, Yahoo and Gmail. " The list appears to be international in nature with hundreds of domains listed from all over the world ," Ingevaldson said in a blog post on Sunday. " Hackers and fraudsters are likely to leverage stolen credentials to commit fraud not on the original hacked site, but to use them to exploit password re-use to automatically scan and c
Leaked credentials of Congress members by Anonymous hacker are inaccurate

Leaked credentials of Congress members by Anonymous hacker are inaccurate

July 19, 2013Mohit Kumar
Anonymous claimed it had stolen and leaked over 2,000 usernames and passwords for Hill staffers in an anti- PRISM protest, calling the move a pivotal moment for Congress. The Twitter handle @OpLastResort which claims to be affiliated with the famous hacktivist group posted the data and also tweeted: " We mean it. This is a pivotal moment for America, and we will not tolerate failure ." Congress actually fosters decent password best practices, requiring a special character, an uppercase letter, a lowercase letter, and a number to make up a code between 6-10 characters. What is perhaps most interesting about the hacked passwords is that they exemplify, in many cases they are just dictionary words with numbers tacked on to the end, the names of the staffers' bosses, or their favorite sports team, so the claimed hack and leaked database was probably outdated or fake. But the security advisory that was sent out to staffers said, "Early today, hackers disclo
Deals — IT Courses and Software

Sign up for our cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.