Another week, another massive user credentials database is for sale on the dark web, unveiling previously undisclosed data breaches and replaying the same suggestions on the use of password managers. The new batch is for sale by a hacker named “Gnosticplayers”, known for previous user data bundles that contained the credentials of 620 million users. This time, the batch contains the data of about 93 million accounts, and are sold for what corresponds to about $9400 in BitCoin.
According to the ZDNet report, the hacker claims responsibility for the acquisition of the data, and not just for the sale. As he characteristically stated: “My two main goals are: -money – the downfall of American pigs”. However, the databases that are on sale do not correspond solely to US citizens, as accounts held by people from other parts of the world are also to be found in there. The reason why the hacker targets the US specifically is because the American government wants to sentence the arrested hacker George Duke-Cohan for the second time with 65 years in prison after he has already spent three years in a UK prison.
The eight databases that are on sale right now comprise the following:
None of the online platforms mentioned above had informed their users of a data breach, but the leaks seem to be legit based on the initial analysis. Out of the eight databases, only that of the GfyCat uses strong enough encryption to make it harder for sniffers to use this data, while the rest seven, unfortunately, cannot claim the same. Considering that one breach occurred in 2015, another two in 2017, and the rest five in 2018, users cannot rely on the transparency that the platforms showcase on such incidents. The hacker has had their credentials for a long time, so using password managers and changing passwords frequently is the only way to go.
Are you using any of the eight platforms that constitute this new user data sale? Let us know in the comments below, and help us spread the word by sharing this story through our socials, on Facebook and Twitter.