Password Database dumped online

A database of more than 150 Million passwords has been posted online, giving you yet another reason to change that password of yours.

The database contains data from breaches that have happened over the last few years. Most of the data has already been leaked before, and this only makes it easier to access it. You can head over to Have I Been Pwned to check if any of your usernames was compromised.

And to make matter worse, people are reusing their passwords. By employing credential stuffing, hackers will be able to crack track all the accounts that use the same username. As the folks over at OWASP have put it,

Credential stuffing is the automated injection of breached username/password pairs to fraudulently gain access to user accounts. This is a subset of the brute force attack category: large numbers of spilled credentials are automatically entered into websites until they are potentially matched to an existing account, which the attacker can then hijack for their own purposes.

Stuffing tools are readily available so in short, just change your password.

Source: MacKeeper Blog

Leave a Reply