- Jameela Jamil dragged for comparing reproductive rights to landlord rights Tuesday 6:54 PM
- Trump campaign posts Thanos meme, totally misses point of ‘Endgame’ Tuesday 5:58 PM
- Petition calls for Apple to make a Baby Yoda emoji Tuesday 5:16 PM
- This BTS-Billie Eilish mashup is the most popular tweet of 2019 Tuesday 4:51 PM
- Michelle Wolf embraces vulgarity in ‘Joke Show’ Tuesday 4:24 PM
- Influencer gets 14 years in prison for trying to steal domain name at gunpoint Tuesday 4:14 PM
- ‘Three Days of Christmas’ is a delightfully dark holiday alternative to Hallmark Tuesday 3:55 PM
- The way Trump Jr. holds his own book inspires mockery Tuesday 3:47 PM
- Woman facing backlash for no longer wearing hijab in end of the decade photo Tuesday 3:16 PM
- Report: Consulting firm lied about decreasing violence at Rikers Island jail Tuesday 2:36 PM
- TikTok users are sharing things they thought were ‘ghetto’ as kids Tuesday 2:31 PM
- Republicans just blocked a net neutrality vote in the Senate Tuesday 2:24 PM
- ‘Fox & Friends’ host stuck using dad’s account after Twitter suspension Tuesday 1:10 PM
- ‘They’ is Merriam-Webster’s word of the year Tuesday 12:56 PM
- Inside Dolby’s big ‘Star Wars’ retrospective exhibition Tuesday 12:48 PM
2 million hacked usernames and passwords discovered in a massive online dump
Wanna guess how many passwords were “password”?
A team of Internet security researchers has stumbled upon a massive online cache of more than 2 million hacked email addresses, usernames, and passwords.
SpiderLabs, a division of online firm Trustwave that bills itself as an “elite team of ethical hackers, investigators and researchers,” made the announcement Tuesday.
The thing that many of the hacked accounts had in common? Outrageously easy passwords. Tens of thousands of them had passwords like “12345,” “1,” “admin,” and the ever-popular “password.” As you’d expect, the fewer characters and complexity a password had, the more likely it was to end up on that list.
The passwords had been harvested by an enormous botnet referred to as a “Pony,” which the BBC referred to as “probably run by a criminal gang.” As this Pony’s operators did a good job of covering their tracks, SpiderLabs couldn’t confirm where the attackers were based, though the dump was written in Russian.
Illustration by Fernando Alfonso III
A former senior politics reporter for the Daily Dot, Kevin Collier focuses on privacy, cybersecurity, and issues of importance to the open internet. Since leaving the Daily Dot in March 2016, he has served as a reporter for Vocativ and a cybersecurity correspondent for BuzzFeed.