fusi0n Posted May 31, 2016 Share Posted May 31, 2016 Quote Well, it’s happened again. This time, the breach is said to come from MySpace, and the number of passwords claimed is an eye-popping 427 million. Apparently, there are only 360 million users on the list, but some accounts have more than one password listed, for reasons that aren’t explained. Once again, the passwords allegedly exposed in this breach were simple, unsalted SHA-1 hashes, vulnerable to just the same sort of high-speed try ’em all attack as in the LinkedIn breach of 2012. According to Leaked Source, lots of passwords have already been cracked, with the top 50 choices so far accounting for more than 6 million passwords, or 1.5% of the total. Interestingly, password1, abc123 and the entirely-expected 123456 come in second, third and fourth respectively. Top place is the unusual (but nevertheless easily-cracked) password homelesspa, attached to more than 850,000 accounts that Leaked Source suggests were created by some sort of automated process, presumably orchestrated by a gang of scammers to use for nefarious purposes. Source :https://nakedsecurity.sophos.com/2016/05/31/myspace-breach-could-be-the-biggest-ever-half-a-billion-passwords/ Link to comment Share on other sites More sharing options...
+Gary7 Subscriber² Posted May 31, 2016 Subscriber² Share Posted May 31, 2016 This is why I do not use such sites. Link to comment Share on other sites More sharing options...
fusi0n Posted May 31, 2016 Author Share Posted May 31, 2016 Ah, mods can close this topic. I didn't know Neowin already reported on the topic.. ah.. long weekends. Link to comment Share on other sites More sharing options...
EmuZombie Veteran Posted May 31, 2016 Veteran Share Posted May 31, 2016 See here: https://www.neowin.net/news/427-million-myspace-passwords-leaked-online-in-breach Thread closed Link to comment Share on other sites More sharing options...
Recommended Posts