Hardly a day goes without headlines about any significant data breach. In past year, billions of accounts from popular sites and services, including Linked l n , Tumbler M S ace, Last FM, Yahoo! VK.com were exposed on the Internet.
Now, according to the recent news, login credentials and other personal data linked to more than one Million Yahoo and Gmail
accounts are reportedly being offered for sale on the dark web marketplace.
The online accounts listed for sale on the Dark Web allegedly contain usernames, emails, and plain text passwords. The accounts are not from a single data breach; instead, several major cyber-attacks believed to have been behind it.
The hacker going by the online handle 'Sun Tzu 583' has listed a number of cracked email packages on a series of dark websites, Hack Read reported.
Here's the Full List of Accounts and their Prices:
100,000 Yahoo accounts acquired from 2012 Last FM data breach, for 0.0084 Bitcoins ($10.76). Another 145,000 Yahoo accounts acquired from two separate data breaches the 2013 Adobe data breach and the 2008 M S ace breach for 0.0102 Bitcoins (USD 13.75). 500,000 Gmail accounts from the 2008 MySpace hack, the 2013 Tumble breach, and the 2014 Bitcoin Security Forum breach for 0.0219 Bitcoins ($28.24).
Another 450,000 Gmail accounts for 0.0201 BTC (USED 25.76), which came from various other data breaches in Dro box, m, and others that took place between 2010 and 2016.
Last.FM data breach from 2012 exposed 43 million user accounts that were publicly released in September last year.
Adobe breach from October 2013 exposed over 153 million accounts containing internal le, usernames, emails, encrypted passwords and a password hint in plain text.
MySpace data breach from 2008 exposed 360 million user accounts, containing usernames, emails and their encrypted (plain text).
Google’s Gmail email service is known to be one of the most secure email services, but no company can secure their accounts from hackers due to a third party data breach.
Millions of Gmail accounts, in which usernames, emails, and plain text passwords were exposed, were stolen in multiple data breaches in Security Forum, Tumbler, Last fm, Webshots, Adobe, Dropbox, Flash Flash Revolution, Look Book and Xbox 360 ISO, happened between 2008 and 2016.
The data listed for sale by Suntanned has not been independently verified by The Hacker News, but has reportedly been checked by matching it to the data on a number of data breach notification platforms, including Hacked DB and Havel Been Pwned.
Here's What All You Can Do:
Needless to say, you should immediately change almost all your account passwords at least once.
Also enable two-factor authentication for all your online accounts immediately.
And once again, a strong recommendation: Don't Reuse Passwords.
Also, you are recommended to change your password every few months, which limits how long a stolen password is useful to a hacker.
Since no one can remember and recreate strong passwords for every single online account regularly, the best practice is to use a good password mama-er. It will generate, store and change regularly strong, unique passwords for all your accounts.
EmoticonEmoticon