1.4B Credentials Dumped, Dark Web Database Found

From Data Dump to Dark Web Database 

On Dec. 5, 2017, a massive database with data from over 300 data breaches was discovered on the Dark Web. This Dark Web database contains over 1.4 billion unique clear text, or publicly viewable, login credentials, which experts have confirmed are legitimate pairings. 

To make a long story short, 41GB of publicly viewable data was dumped on the Dark Web. From there, the information became accessible via a “Dark Web database,” allowing hackers to search the aggregated data by password type, user, breach event and more. 

Unlike a single data breach event, this database aggregates breached data from hundreds of big-name data breaches like Netflix, LinkedIn, Minecraft and Bitcoin. The database is even more concerning because the information was found in clear text – meaning that anyone with access to it can view it.  Continue reading

The Dark Web & What It Means to Your Identity

What is the “Dark Web” ? 

Whether you’re an expert, or know nothing about it, something in our brain rightfully associates the term “Dark Web” with criminal activity. 

The Dark Web can be a scary place. It’s home to thousands of Web pages used to facilitate virtually any illegal activity you could imagine. But, it’s not that simple – the World Wide Web is massive, and the Dark Web is just one part of it. 

Confused yet? Great! Let’s learn more about the Dark Web, how it plays a role in the World Wide Web, and find out what really goes down in the online underground.   Continue reading

Hackers Hope Your Old Myspace Account Is the Key to Your Finances

Myspace and Tumblr Hack

UPDATE: Mashable reports that a security researcher named Thomas White, also known as TheCthulhu on Twitter, consolidated 427 million stolen Myspace passwords into an available download on the Internet. According to the news source, the download was so popular that the server White used to hold the passwords crashed on July 1. 

What should you do?

  • Change your email and password. Using the same email/password combination for other sites could potentially allow fraudsters access into other personal accounts. 
  • Check if your information has been found on the Internet by visiting HaveIBeenPwned.com
  • Create secure passwords. Utilize our password tool to test the strength of your passwords.

What happened?  

The black market continues to surge with social media user credentials as 360 million Myspace and 65 million Tumblr email addresses and passwords are posted for sale. Continue reading

LinkedIn Hacked — 167 Million Accounts for Sale on Dark Web

LinkedIn-Data-Breach-May-2016V2

UPDATE: CSO reports that the LinkedIn data breach has been connected to a series of data breaches that occurred shortly after, including Citrix’s GoToMyPC and TeamViewer. A list of LinkedIn users’ names, work history and passwords obtained in the initial breach provided the information needed for hackers to gain access into other secondary networks.

What should you do?

  • Avoid using the same password for multiple sites.
  • Change your passwords every 90 days.
  • Create passwords with a minimum of 8 characters and a variety of capital and lowercase letters, symbols and numbers.

What happened? 

Account information of 117 million LinkedIn users has surfaced on the online black market. The hacker responsible is seeking 5 bitcoins ($2,200 USD) for the database of users’ email addresses and encrypted passwords. 

An additional 50 million LinkedIn email addresses, without passwords, are also for sale. Continue reading