Two million passwords stolen from Facebook, Twitter and Google

Major sites have begun resetting passwords for compromised accounts, although researchers estimate that most targets were from the Netherlands

James Vincent
Thursday 05 December 2013 11:15 GMT
Comments
(David Precious/Creative Commons)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

More than two million passwords from popular social media sites including Facebook, LinkedIn and Twitter have been stolen and posted online by hackers.

The attack has been described as “fairly global” with victims “scattered all over the world”, although the vast majority of comprised users (some 96.66 per cent) were using computers with IP addresses located in the Netherlands.

Security researchers employed by Trustwave stumbled upon the hoard of stolen data whilst investigating a botnet known as ‘Pony’. Botnets are networks of hacked computers created by criminal gangs to use for a number of illegal tasks online, although it’s thought that these passwords were stolen using keylogger software.

A previous attack using the Pony botnet was described by the researchers as “hit-and-run operation,” whilst this attack was carried out over a number of weeks with the hackers taking in a “fairly stable and consistent” number of passwords each day.

A screencap showing the domains affected.
A screencap showing the domains affected.

Other sites targeted included Russian social media sites vk.com and odnoklassniki.ru, as well as Google and Yahoo. Trustwave notified the sites involved before posting their findings online, and spokespersons from both Facebook and Twitter have told the Huffington Post that accounts found on the list have had their passwords reset.

However, it seems that the passwords themselves were not doing much to help protect users in the first place. The researchers noted that the top ten most commonly used passwords in the list included “123456”, “123456789”, “1234”, “password” and “1”.

“And it all goes downhill from there,” wrote the researchers in a blog post. “There were more terrible passwords than excellent ones, more bad passwords than good, and the majority, as usual, is somewhere in between in the Medium category.”

Whilst a similar cache of leaked Myspace passwords from 2006 revealed that the top ten most common passwords comprised 0.9 per cent of the total, this recent leak ups that percentage to 2.4.

However, there is some good news, as users are apparently using longer passwords more consistently. Passwords with more than 10 characters made up 17 per cent of the total in 2006, and in 2013 this figure has risen to 46 per cent.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in