While computer attacks are becoming more and more common, and even easier thanks to artificial intelligence, few data leaks are as impressive as this one.
In recent days, researcher Jérémie Fowler revealed, in the WebsitePlanet website, a security flaw that could compromise many online credentials.
With very precisely 184,162,718 passwords now accessible to hackers, we already know that the consequences of this leak could compromise many companies...
"InfoStealer" type software at the heart of this data leak
In his analysis, the researcher reveals that the data would come from of a software of the type “InfoStealer”. These software programs, specifically designed to steal logins, passwords, or other information accessible from your browser or email inbox, are often very discreet.
And while in some cases the goal is to demand ransoms from the people directly concerned, some hackers decide to exploit them in other ways, as was the case for Free and its 19 million customers last year.
Although the researcher managed to identify this database of logins and passwords, which would represent more than 47 GB of data, he admitted that he did not know precisely the origin of this leak...
A publicly accessible database
While we can guess that, since Jérémie Fowler's latest revelations, the database he mentions has been taken out of service, we know that the hacked data was publicly accessible.
With connection information to Microsoft accounts, social networks like Facebook, Instagram, and Snapchat, and even video games like Roblox, this leak could have enormous repercussions around the world.
Even more surprisingly, the researcher revealed that this database was not encrypted, clearly revealing the usernames and passwords to anyone who has access to the files.
Best practices still not followed enough
Even if more and more solutions require enabling two-factor authentication, or requiring password updates at regular intervals, this event is a new opportunity to remind people that hacks are also linked to a lack of compliance with good digital practices.
To avoid risks with malware like in this case, Jérémie Fowler recommends to use an anti-virus to protect against data leaks, beyond the vigilance of each individual which remains essential...
0 Comments