A tranche of 1.4 billion user passwords has been found–available for sale–on the dark web. But what makes the news alarming is the size, content, and format of the data.
Duncan Riley from Silicon Angle reports that researchers have discovered the database includes unencrypted passwords and is the largest aggregate of data on the dark web so far. While most of the sensitive information is from past data breaches, it is believed that 14 percent of the entire collection is fresh data.
“Although the 1.4 billion records is an impressive figure by itself, the way the credentials are stored within the download is said to be the more disturbing part of the discovery,” says Riley. Quoting one of the researchers who discovered the trove, Riley writes, “This is not just a list. It is an aggregated, interactive database that allows for fast (one second response) searches and new breach imports.” The researcher goes on to explain that because people reuse passwords across all their electronic accounts–social, financial, work, and other–automation makes it so much easier for hackers to hijack accounts.
Read the full story at Silicon Angle.