We’ve got a follow-up to a story we brought you earlier. The hacked accounts of many different sites including MyFitnessPal have gone on sale on the dark web.
Last year, we brought you news of Under Armour’s MyFitnessPal suffering a data breach. In all, 150 million accounts were compromised in that hack.
That hack was one of many hitting various major sites across the web. Now, we are learning the fate of those hacked accounts. According to The Register, that large hack is part of an even larger package weighing in at 617 million accounts. That package is being sold on the dark web. From the report:
Some 617 million online account details stolen from 16 hacked websites are on sale from today on the dark web, according to the data trove’s seller.
For less than $20,000 in Bitcoin, it is claimed, the following pilfered account databases can be purchased from the Dream Market cyber-souk, located in the Tor network:
Dubsmash (162 million), MyFitnessPal (151 million), MyHeritage (92 million), ShareThis (41 million), HauteLook (28 million), Animoto (25 million), EyeEm (22 million), 8fit (20 million), Whitepages (18 million), Fotolog (16 million), 500px (15 million), Armor Games (11 million), BookMate (8 million), CoffeeMeetsBagel (6 million), Artsy (1 million), and DataCamp (700,000).
Sample account records from the multi-gigabyte databases seen by The Register appear to be legit: they consist mainly of account holder names, email addresses, and passwords. These passwords are hashed, or one-way encrypted, and must therefore be cracked before they can be used.
The report points out that the price is so low because the data is meant to be sold to spammers and credential stuffers. Credential stuffers are people who take login information and search other services for the same username. If there is a match, then that password is used to try to gain access to other accounts around the web. That way, those low-end hackers can obtain even more compromising information on potential victims.
Of course, the compromised information can be sold multiple times. That alone highlights just how lucrative the world of identity theft is and why many people partake in it in the first place.
This also highlights one of the many ways these login credential packages constantly get packed, repacked, and bought and sold all over the dark web.
Obviously, if you see a site you use on the list, then the first thing you should do, if you haven’t already, is change your password. If that password is reused on other sites, those need to be changed as well, or it may only be a matter of time before that information is compromised.
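One way to work through that advice with a password manager export is sketched below. This is an added example, not code from the article or from The Register. The CSV column names, the sample rows and the hostname-label matching rule are all assumptions made for illustration.

```python
import csv
import io
from collections import defaultdict
from urllib.parse import urlsplit

# Site names exactly as listed in the article, normalized to a hostname label
# ("Armor Games" -> "armorgames"). Matching on a label is a heuristic assumption.
BREACHED = {n.lower().replace(" ", "") for n in (
    "Dubsmash", "MyFitnessPal", "MyHeritage", "ShareThis", "HauteLook",
    "Animoto", "EyeEm", "8fit", "Whitepages", "Fotolog", "500px",
    "Armor Games", "BookMate", "CoffeeMeetsBagel", "Artsy", "DataCamp")}

# Constructed sample export; real password managers use varying column names.
SAMPLE_EXPORT = """name,url,username,password
MyFitnessPal,https://www.myfitnesspal.com/account/login,alex@example.com,Tr0ub4dor&3
Webmail,https://mail.example.org/,alex@example.com,Tr0ub4dor&3
Bank,https://bank.example.net/login,alex,correct-horse-battery
500px,https://500px.com/login,alex@example.com,unique-500px-pass
Forum,https://forum.example.com/,alex,Tr0ub4dor&3
"""

def is_breached(url):
    """True if any label of the URL's hostname is a site name from the list."""
    host = (urlsplit(url).hostname or "").lower()
    return any(label in BREACHED for label in host.split("."))

def audit(export_text):
    """Return (entries on the list, other entries sharing a password with them)."""
    by_password = defaultdict(list)
    for row in csv.DictReader(io.StringIO(export_text)):
        by_password[row["password"]].append(row)
    direct, reused = [], []
    for group in by_password.values():
        hits = [r["name"] for r in group if is_breached(r["url"])]
        if not hits:
            continue  # this password was never used on a listed site
        direct.extend(hits)
        reused.extend(r["name"] for r in group if not is_breached(r["url"]))
    return sorted(direct), sorted(reused)

if __name__ == "__main__":
    direct, reused = audit(SAMPLE_EXPORT)
    print("Change first (site is on the list):", direct)
    print("Change next (same password reused elsewhere):", reused)
```

Run it only on a local copy of the export and delete that file afterwards, since it contains passwords in plain text.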
Drew Wilson on Twitter: @icecube85 and Google+.