When you logged into Facebook, Google, Twitter, or a host of other popular web services the past month, there may have been a hacker peering over your digital shoulder, sneaking a peek at your password.
The information security company Trustwave has revealed that the passwords to 2 million different accounts have been compromised. This stash of 2 million passwords follows a massive hack on Adobe revealed in October in which a jaw-dropping 38 million user accounts and passwords were nabbed and posted to the 'net.
That attack was so big that other website vendors were affected, because many people use the same user name and password for all of their websites. Website vendors like Facebook and Evernote sifted through hacked passwords, found accounts using the hacked user/password combo and forced those people to change their passwords.
Representatives for Facebook and Twitter said the companies have reset the passwords of affected users. A Google spokeswoman declined comment. Yahoo representatives could not be reached.
SpiderLabs said it has contacted authorities in the Netherlands and asked them to take down the Pony botnet server.
An analysis posted on the SpiderLabs blog showed that the most-common password in the set was "123456," which was used in nearly 16,000 accounts. Other commonly used credentials included "password," "admin," "123" and "1." ()
Graham Cluley, an independent security expert, said it is extremely common for people to use such simple passwords and also re-use them on multiple accounts, even though they are extremely easy to crack.
The information security company Trustwave has revealed that the passwords to 2 million different accounts have been compromised. This stash of 2 million passwords follows a massive hack on Adobe revealed in October in which a jaw-dropping 38 million user accounts and passwords were nabbed and posted to the 'net.
That attack was so big that other website vendors were affected, because many people use the same user name and password for all of their websites. Website vendors like Facebook and Evernote sifted through hacked passwords, found accounts using the hacked user/password combo and forced those people to change their passwords.
Representatives for Facebook and Twitter said the companies have reset the passwords of affected users. A Google spokeswoman declined comment. Yahoo representatives could not be reached.
SpiderLabs said it has contacted authorities in the Netherlands and asked them to take down the Pony botnet server.
An analysis posted on the SpiderLabs blog showed that the most-common password in the set was "123456," which was used in nearly 16,000 accounts. Other commonly used credentials included "password," "admin," "123" and "1." ()
Graham Cluley, an independent security expert, said it is extremely common for people to use such simple passwords and also re-use them on multiple accounts, even though they are extremely easy to crack.
No comments:
Post a Comment