A Hacker Has Dumped Nearly One Billion User Records Over the Past Two Months (zdnet.com)
A hacker who spoke with ZDNet in February about wanting to put up for sale the data of over one billion users is getting dangerously close to his goal after releasing another 65.5 million records last week and reaching a grand total of 932 million records overall. From a report: The hacker's name is Gnosticplayers, and he's responsible for the hacks of 44 companies, including last week's revelations. Since mid-February, the hacker has been putting batches of hacked data on Dream Market, a dark web marketplace for selling illegal products, such as guns, drugs, and hacking tools. He's released data from companies like 500px, UnderArmor, ShareThis, GfyCat, and MyHeritage, just to name the bigger names. Releases have been grouped in four rounds -- Round 1 (620 million user records), Round 2 (127 million user records), Round 3 (93 million user records), and Round 4 (26.5 million user records).
"500px, UnderArmor, ShareThis, GfyCat, and MyHeritage, just to name the bigger names." Other than underarmor, THESE are the BIGGER NAMES? Lol.
My pass phrase is 1kb long.
That is an insecure pass phrase. "1Kb L0nG$" would be better.
My pass phrase is 1kb long. Good fucking luck with that
Worst pickup line ever...
If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
"Do you think maybe he's compensating for something?" -- Shrek
I've abandoned my search for truth; now I'm just looking for some useful delusions.
Nah; just fine him $1 for each user profile stolen, and keep him in jail until he pays off the entire fine.
My pass phrase is 1kb long.
That is an insecure pass phrase. "1Kb L0nG$" would be better.
Funny!
...People all over the world are continuously giving their data away to FaceBook for free.
Politics; n. : A religion whereby man is god.
My pass phrase is 1kb long.
That is an insecure pass phrase. "1Kb L0nG$" would be better.
Dammit! Now I have to change the combination on my luggage!
The only thing necessary for evil to triumph is for it to be pitted against a slightly greater evil
I've had my identity stolen so many times
I don't know what I look like!
If the sentence were similar to what corporations get for breaking laws, the guy would get a fine of 1% of his net income, and on appeal the sum would be halved.
My pass phrase is 1kb long.
Well, MY pass phrase has 1kg mass.
#DeleteChrome
I would be heavily in favour of the death penalty for this moron.
The focus should be on fixing security holes, rather than draconian punishments for those who inevitably exploit them.
Just shows you are a vicious cave-man. The death-"penalty" has no deterrence value and is just revenge. As such it makes matters worse. Great job.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
That would make things better. But some people obviously prefer them to stay bad so they can indulge their sadistic fantasies...
This appears to be the same person behind the "Collection #1" releases circa Jan 18th. It was just a collection of a bunch of older dumps, i.e. data aggregated from other breaches. I didn't see any reason to think this person was behind all of the hacks; I got the sense he might also brag he could hack into any porn site on the Internet by putting in his mom's credit card number.
This posting is provided 'AS IS' without warranty of any kind, implied or otherwise.
Care to name anyone who's reoffended after being executed?
I'm not condoning his actions in the slightest.
But you do realize what he's doing basically, Google and Facebook and many others also do every day?
Really. Don't do online payments, don't subscribe to news organizations, don't stream games, don't get email notifications, nothing. The only sort of safe exception is medical information under HIPAA.
Remember no organization is at risk if they leak your info. The cost of a breach is just factored into the cost of doing business. That's why HIPAA is an exception. Medical information leaks are treated extremely seriously and they can even cause an organization to be shut down.
The only one who is at risk if personal data becomes public is you. Organizations don't give a damn about you.
Why is Snark Required?
"500px, UnderArmor, ShareThis, GfyCat, and MyHeritage, just to name the bigger names." Other than underarmor, THESE are the BIGGER NAMES? Lol.
IKR? Never heard of any of these short of UnderArmor and I haven't heard any news from that outfit for a long time.
You're messin' with my Zen Thing, man.....
Care to name anyone who's reoffended after being executed?
Exactly the same number as have reoffended after serving a life sentence without eligibility for parole. Killing them back accomplishes nothing, but does exclude the possibility of exoneration in the large number of cases where someone has been wrongly convicted.
The hash is most likely far shorter than that 1kb number, and I am not sure if that is kilobits or kilobytes being referenced. Assuming a strong SHA512 hash and a 1kb password, you have introduced many collisions with more modest length passwords.
If you stop letting people appeal after appeal after appeal it wouldn't cost so much. Criminals like James Holmes where there is zero doubt of who committed the crime. Why keep those people alive? Saying it costs too much is just the system being broken. Killing someone is extremely cheap. Just ask James Holmes.
For some reason though, we would rather waste money on keeping him alive. I guess he's worth our tax dollars, eh? Surely no other way we could spend that money but instead we let him live.
In extreme cases where there is lots of evidence, there should totally be an option of the death penalty and we really ought to be reforming that system itself. 30 years on death row? That's a miscarriage of justice.
That is unlikely. Most people are not cave-men that think murder (whether by the state or otherwise) is acceptable.
Wow, you really do not understand how things work. And even with your primitive approach, it would still not have any deterrence value.
That is not what "deterrence" means.
You get much more fun junk mail if you claim your income's >$400,000; and your interests include hunting rifles and endangered species.
Care to name anyone who's reoffended after being executed?
You thought you were trolling, but I've got a serious answer to that:
Jesus Christ ("offended" the archaic laws in place in 1BC)
Justice isn't always fair -- it's enforcing the laws in place at the time. One of the failings of our justice system is that the system itself can be wrong at times and yet we still strive for the harshest penalty for someone who may have been right in the truest sense.
I would be heavily in favour of the death penalty for this moron.
The focus should be on fixing security holes, rather than draconian punishments for those who inevitably exploit them.
Can't we do both?
What is your theory as to why we can't have nice things?
Cave men like that saved your parents' arse in WW2. Perhaps you think Hitler and the Japanese should have just had stern words spoken to them?
Moron.
Who said deterrence is the only goal? Prevention of further crimes by the criminal is just as important and the death penalty does that perfectly with the added bonus of not costing the same as a 4 star hotel to keep them incarcerated for the rest of their lives.
My pass phrase is 1kb long.
Well, MY pass phrase has 1kg mass.
So, you've been logging in to Slashdot for the last 5 years just for this one post? Was it worth it?
"Mail from Security Minded People."
Please check the strength of your password using our free tool:
www.www.com/passwordchecker.py
Why my PW is 1kb... Should say it's strong. Let me cut & paste it in.
See, it says it's the best it has ever seen!
I'm so smart. I'm so smart...
I joke about this, however I work someplace and the guy in charge of the Windows people typed his password into the checker in less than 5 minutes. This was the day after phishing awareness training.
If you want to keep things secure, get rid of passwords. At the very least go to MFA. People as a rule can't be trusted. Individuals - sure. People hell no. People are dumb. At any place - company, government agency, etc...you have people.