Friday, February 13, 2015

10 Million Stolen Passwords Released – Is Your’s Among Them?

There are no less than 10 million stolen usernames and passwords on Mark Burnett’s blog. Its made to understand that the noted security researcher and consultant didn’t post the passwords with any malicious intent, but to give insight into user behavior. And also to draw attention to the arrest and prosecution of Barrett Brown. ( Barrett Brown is a journalist who was recently sentenced to 63 months in prison and ordered to pay a fine of $890,000 in restitution for linking his column to a hacked data of Stratfor Global Intelligence in the Gaurdian.)


The usernames and passwords are posted in one big torrent file. And you can download them in minutes. A programmer called Luke Rehmann has downloaded the file and created a simple file, so anyone can check whether their accounts details have been stolen or not.


How to check: Visit Luke Rehmann’s website to search for your usernames and passwords in the leaked file. Instead of using your full username or password, you can even check by using partial ids. For instance busno.1 you can simply use bus to figure out whether your password or user id figures in the list.


Burnett further adds in his blog post that whatever usernames or passwords he has stolen is nothing compared to the 1 billion sets of stolen credentials he has come across as dumps on the web. So even if you are running a check on the site, there’s no guarantee that your username or password aren’t floating around on the web.


To check whether your usernames and passwords are compromised, visit Havibeenpwned.com and Pwnedlist.com - these two sites are said to have more complete databases of stolen credentials.


No comments:

Post a Comment