BreachExchange mailing list archives
Eight Million Email Addresses And Passwords Spilled From Gaming Site Gamigo Months After Hacker Breach
From: security curmudgeon <jericho () attrition org>
Date: Mon, 23 Jul 2012 12:42:30 -0500 (CDT)
http://www.forbes.com/sites/andygreenberg/2012/07/23/eight-million-passwords-spilled-from-gaming-site-gamigo-months-after-breach/ Eight Million Email Addresses And Passwords Spilled From Gaming Site Gamigo Months After Hacker Breach 7/23/2012 Andy Greenberg, Forbes Staff Call it a slow leak. Four months after the gaming site Gamigo warned users about a hacker intrusion that accessed some portions of its users. credentials, more than 8 million usernames, emails and and encrypted passwords from the site have been published on the Web, according to the data breach alert service PwnedList. The half-gigabyte collection of stolen user data was posted to a password-cracking forum Inside Pro earlier this month, where it remained online until late last week. PwnedList founder Steve Thomas downloaded the file prior to its removal from the Web and has shared it with me, and I can confirm that it appears to be an enormous list of user emails with passwords obscured by cryptographic hashes. "It's the largest leak I've ever actually seen," says Thomas, whose startup seeks to track data breaches and alert users when their information is published. "When this breach originally happened, the data wasn't released, so it wasn.t a big concern. Now eight million email addresses and passwords have been online, live data for any hacker to see." [..] _______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://datalossdb.org/mailing_list Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) Risk Based Security equips organizations with security intelligence, risk management services and on-demand security solutions to establish customized risk-based programs to address information security and compliance challenges. Tenable Network Security (http://www.tenable.com/) Tenable Network Security provides a suite of solutions which unify real-time vulnerability, event and compliance monitoring into a single, role-based, interface for administrators, auditors and risk managers to evaluate, communicate and report needed information for effective decision making and systems management.
Current thread:
- Eight Million Email Addresses And Passwords Spilled From Gaming Site Gamigo Months After Hacker Breach security curmudgeon (Jul 23)