- Netflix thriller ‘Earthquake Bird’ can’t solve its own mystery Monday 4:45 PM
- Goop is selling an expensive ‘restraining arts’ BDSM kit Monday 4:17 PM
- Body positivity actress Lili Reinhart calls out Photoshopping app Monday 3:42 PM
- ‘Rick and Morty’ zeroes in on connections and leans into familiar territory Monday 3:30 PM
- People are sharing photos of how much they’ve changed in a decade Monday 2:30 PM
- A few of our favorite things on Newegg are on sale for Black Friday Monday 2:15 PM
- Disney adds ‘Bob’s Burgers’ movie back to release schedule after accidentally yanking it Monday 2:02 PM
- Ocasio-Cortez launches petition demanding Stephen Miller’s resignation Monday 1:24 PM
- Prince Andrew’s defense against child sex crimes stokes conspiracy theory flames Monday 1:20 PM
- More people may be looking to cancel Disney+ than Netflix Monday 1:09 PM
- Monday Night Football: How to stream Chiefs vs. Chargers live Monday 1:00 PM
- After days of deadly protests, Iran implements ‘largest internet shutdown ever’ Monday 12:55 PM
- ‘Disney Plus and thrust’ is apparently the new Netflix and Chill Monday 12:32 PM
- Woman fired, sued after coworker shared their sexts Monday 12:22 PM
- Group running GoFundMe for border wall breaks ground without permits Monday 11:47 AM
Hackers released an enormous cache of 13,000 passwords and credit cards
If you use Xbox Live, PlayStation Network, Amazon, Walmart, or Hulu, you’ll want to read this.
On Friday, a group claiming affiliation with the loose hacker collective Anonymous released a document containing approximately 13,000 username-and-password combinations along with credit card numbers and expiration dates.
You might want to change your password and start monitoring your credit card for any suspicious charges.
The stolen personal information was released in a massive text file posted the document sharing site Ghostbin. The compromised sites run the gamut from pornography to gaming to online shopping.
Some of the most significant leaks came from online video gaming networks like Xbox Live, the Sony PlayStation Network, and Twitch.tv. There was information from accounts at Walmart, Amazon, and Hulu Plus, as well as keys to computer games like The Sims 3 and Dragon Age: Origins, and a whole lot of porn sites.
Some Anonymous members have pushed back on the assertion that this leak had anything to do with the hacktivist group. Anonymous has no official leadership or centralized organizational structure; instead, it functions as a loose affiliation of computer hackers that join together in support of various causes, ranging from battles with the Church of Scientology to doxing members of the KKK. If hackers branding themselves as Anonymous carry out a particular action, it doesn’t necessarily mean it’s any of the same people who have carried out any other Anonymous-branded action.
Judging from the document, the following sites were compromised or, at the very least, had some of their user data stolen—possibly through malware installed onto users’ personal devices or other nefarious methods.
While it’s difficult at this point to definitively know how the hackers acquired the material, Chris Davis, a cybersecurity researcher and fellow at the University of Toronto’s Munk School of Global Affairs, hypothesized that one likely possibility, based on the information contained in the leak, is that the hackers made use of a botnet. “The list of credentials [in the published list] fits that bill pretty well,” he explained.
Just to be on the safe side, if you have an account with any of these places, you might want to change your password and start monitoring your credit card for any suspicious charges.
- PlayStation Network
- Xbox Live
- Hulu Plus
In a effort to be topical, the hackers also put up a link to where people can download a copy of The Interview, for freedom.
This holiday season has been a busy one for high-profile cyberattacks. On Christmas Day, a hacker collective called Lizard Squad shut down both Xbox Live and the PlayStation Network, before turning their attention to the online anonymity network Tor.
Update: The story has been updated with information about the Anonymous affiliation of the hackers and about the nature of Anonymous itself. It has also been updated to indicate that not all of the sites themselves have necessarily been compromised; instead, malware installed on the computers of individual users could have been responsible for some of the security breaches.
Photo via edans/Flickr (CC BY 2.0)
Aaron Sankin is a former Senior Staff Writer at the Daily Dot who covered the intersection of politics, technology, online privacy, Twitter bots, and the role of dank memes in popular culture. He lives in Seattle, Washington. He joined the Center for Investigative Reporting in 2016.