Hackers always first go for the weakest link to quickly gain access to your online accounts.
Online users habit of reusing the same password across multiple services gives hackers opportunity to use the credentials gathered by a data breach to break into their various other online accounts.
Researchers by security firm 4iQ have at This kind of point discovered a brand new collective database on the dark web (released on Torrent as well) which contains a whopping 1.4 billion usernames as well as passwords in clear text.
The aggregate database, found on 5 December in an underground community forum, has been said to be the largest ever aggregation of various leaks found within the dark web to date, 4iQ founder as well as chief technology officer Julio Casal noted in a blog post.
Though links to download the collection were already circulating online over dark-web sites by last few weeks, the idea took more exposure when someone posted the idea on Reddit a few days ago, by where we also downloaded a copy as well as can at This kind of point verify its authenticity.
Researchers said the 41GB massive archive, as shown below, contains 1.4 billion usernames, email, as well as password combinations—properly fragmented as well as sorted into two as well as three level directories.
The archive had been last updated at the end of November as well as didn’t come by a brand new breach—nevertheless by a collection of 252 previous data breaches as well as credential lists.
The collective database contains plain text credentials leaked by Bitcoin, Pastebin, LinkedIn, MySpace, Netflix, YouPorn, Last.FM, Zoosk, Badoo, RedBox, games like Minecraft as well as Runescape, as well as credential lists like Anti Public, Exploit.in.
“None of the passwords are encrypted, as well as what’s scary is actually which we’ve tested a subset of these passwords as well as most of the have been verified to be true,” Casal said. “The breach is actually almost two times larger than the previous largest credential exposure, the Exploit.in combo list which exposed 797 million records.”
“This kind of brand new breach adds 385 million brand new credential pairs, 318 million unique users, as well as 147 million passwords pertaining to those previous dumps.”
The database has been neatly organized as well as indexed alphabetically, too, to ensure might-be hackers with basic knowledge can quickly search for passwords.
For example, a simple search for “admin,” “administrator” as well as “root,” returned 226,631 passwords used by administrators in a few seconds.
Although some of the breach incidents are quite old with stolen credentials circulating online for some time, the success ratio is actually still high for criminals, due to users lousy habit of re-using their passwords across different platforms as well as choosing easy-to-use passwords.
The most common yet worst passwords found within the database are “123456”, “123456789”, “qwerty,” “password” as well as “111111.”
the idea is actually still unclear who is actually responsible for uploading the database on the dark web, nevertheless whoever the idea is actually has included Bitcoin as well as Dogecoin wallets for any user who wants to donate.
To protect yourself, you are strongly advised to stop reusing passwords across multiple sites as well as always keep strong as well as complex passwords for your various online accounts.
If the idea’s difficult for you to remember as well as create complex passwords for different services, you can make use of the best password manager. We have listed some not bad password managers which could help you understand the importance of such tool as well as choose one according to your requirement.
Incoming search terms:
- collection of 1 4 billion plain text password
- Collection of 1 4 Billion Plain-Text Leaked Passwords Found Circulating Online pastebin