Ahacker is selling 617 million stolen accounts online collected from 16 popular websites on Dream Market Cybersouk which can be accessed on the Tor network.
As reported by The Register, the data can be purchased for less than $20,000 Bitcoin and comprises of account holder names, passwords, and email IDs. Buyers need to crack the hashed, one-way encrypted passwords before using them.
The list of 16 hacked websites contains some popular websites including Dubsmash (162 million), MyFitnessPal (151 million), MyHeritage (92 million), ShareThis (41 million), HauteLook (28 million), Animoto (25 million), EyeEm (22 million), 8fit (20 million), Whitepages (18 million), Fotolog (16 million), 500px (15 million), Armor Games (11 million), BookMate (8 million), CoffeeMeetsBagel (6 million), Artsy (1 million), and DataCamp (700,000).
Speaking to The Register, the seller said that the purpose behind this sale is to make “life easier” for hackers to help them log in to websites using these credentials. Besides helping fellow hackers, the seller also wants to make a statement and raise awareness among users about their online security, ironically, by selling their personal information.
Some of the hacked websites like MyFitnessPal, MyHeritage and Animoto, previously, announced the breach and notified the affected accounts to update their credentials. But other websites haven’t done the same and the breach has come to light for the first time.
The wrongdoer who has put the stolen database up for sale said, “I don’t think I am deeply evil. I need the money. I need the leaks to be disclosed. Security is just an illusion. I started hacking a long time ago. I’m just a tool used by the system. We all know measures are taken to prevent cyber attacks, but with these upcoming dumps, I’ll make hacking easier than ever.”
It’s high time that we start taking some concrete steps to keep our data intact. We recommend using strong and not easily guessed passwords. Also, try not to reuse passwords on different websites.