Leakage of emails and passwords can be 10 times greater than revealed – Link



[ad_1]

<img src = "https://img.estadao.com.br/fotos/crop/640×400/resources/jpg/2/2/1547821006622.jpg" alt = "Printed by Brian Krebs with allegedly no folders with emails and pbadwords

Revealed this week, the leak that exposed the most 772 million e-mail addresses and 21 million pbadwords may be larger than expected. Information security researcher Brian Krebs said on his Twitter account that he had found a new batch of digital references that would complete the first file and would be at least ten times larger. is still not possible to identify the victims of the package.

Without revealing the identity of the offender, Krebs said that he was in contact with the hacker who allegedly exposed and sold the data on Internet: The alleged perpetrator proposed the sale of a terabyte-sized package containing the user's personal information – equivalent to more than 100 high definition 2-hour movies – via the Telegram instant messaging application. The first file, discovered by researcher Troy Hunt, contained 87 gigabytes (one terabyte, corresponding to 1024 gigabytes).

The sale of some 773 million e-mail addresses and 21 million unique pbadwords on a hacking forum has been dubbed the largest ever made. People panic. But according to the guy who sells this product, it's neither new nor the biggest. It's about 2-3 years old

On Twitter, Krebs has released yet another image supposed to prove the existence of the new package, sold for only $ 45 by the hacker. In addition to the previously revealed collection No. 1, the file included four other collections, as well as scattered collections of data. Krebs also said on Twitter that the hacker had tried to sell him another package of four terabyte pbadwords and e-mail addresses.

The expert further reinforced Hunt's theory this week that package data is part of the information previously disclosed on the Internet. Another sign that adds to this badumption is the fact that Hold Security, a cybersecurity company, says that it has already found 99% of the data in the No. 1 collection in small packets scattered across the network. We know that the files collected and exhibited in the first collection were collected from 2,000 databases, collected over the last two or three years.

Roberto Rebouças, executive director of cybersecurity company Kaspersky in Brazil, said the case was not a common leak and that it should know new developments in the coming days. "This is a large collection of data sold on the Internet," he said. "I think there will be an even larger amount of data exposed in this same case."

In the opinion of the executive, such attacks and leaks will become more and more common – part of the problem lies, he says, because there is little protection in the data banks captured by companies. "The information disclosed was not provided by users in a registry on the Internet, but collected via an infected file or by a person infiltrated within the company," said Rebouças. "In the current market, all companies will be invaded at least once in their life.Unfortunately, it is now a rule."

[ad_2]
Source link