- Failed Green party candidate was secretly behind this popular QAnon account 4 Years Ago
- Dude gets dunked on for claiming Keira Knightley’s ‘six pack’ makes her trans 4 Years Ago
- A theoretical tax on Bud Light has infuriated conservatives Today 10:10 AM
- Tumblr is back on the iOS App Store as NSFW content ban looms Today 10:10 AM
- Here’s why YouTube deleted 58 million videos and a ton of accounts Today 9:43 AM
- The 25 worst passwords of 2018 Today 9:27 AM
- 7 subscription services that make great last-minute gifts Today 9:12 AM
- Little Miss Flint takes on Tomi Lahren’s border wall tweet Today 9:05 AM
- Michael Cohen contradicts Trump tweets, says president knew payments were wrong Today 8:39 AM
- Super Smash Bros. Ultimate girls blush when they eat curry, and fans are being horny on main Today 7:58 AM
- The 2nd gen Amazon Echo Show is a digital assistant game-changer Today 7:00 AM
- How to watch ESPNU online for free Today 7:00 AM
- ‘The Fix’ is another talk show Hail Mary from Netflix Today 6:45 AM
- 2018 was the year the ‘alt-right’ failed Today 6:20 AM
- The best Italian movies on Netflix Today 6:00 AM
Hackers released an enormous cache of 13,000 passwords and credit cards
If you use Xbox Live, PlayStation Network, Amazon, Walmart, or Hulu, you’ll want to read this.
On Friday, a group claiming affiliation with the loose hacker collective Anonymous released a document containing approximately 13,000 username-and-password combinations along with credit card numbers and expiration dates.
You might want to change your password and start monitoring your credit card for any suspicious charges.
The stolen personal information was released in a massive text file posted the document sharing site Ghostbin. The compromised sites run the gamut from pornography to gaming to online shopping.
Some of the most significant leaks came from online video gaming networks like Xbox Live, the Sony PlayStation Network, and Twitch.tv. There was information from accounts at Walmart, Amazon, and Hulu Plus, as well as keys to computer games like The Sims 3 and Dragon Age: Origins, and a whole lot of porn sites.
Some Anonymous members have pushed back on the assertion that this leak had anything to do with the hacktivist group. Anonymous has no official leadership or centralized organizational structure; instead, it functions as a loose affiliation of computer hackers that join together in support of various causes, ranging from battles with the Church of Scientology to doxing members of the KKK. If hackers branding themselves as Anonymous carry out a particular action, it doesn’t necessarily mean it’s any of the same people who have carried out any other Anonymous-branded action.
Judging from the document, the following sites were compromised or, at the very least, had some of their user data stolen—possibly through malware installed onto users’ personal devices or other nefarious methods.
While it’s difficult at this point to definitively know how the hackers acquired the material, Chris Davis, a cybersecurity researcher and fellow at the University of Toronto’s Munk School of Global Affairs, hypothesized that one likely possibility, based on the information contained in the leak, is that the hackers made use of a botnet. “The list of credentials [in the published list] fits that bill pretty well,” he explained.
Just to be on the safe side, if you have an account with any of these places, you might want to change your password and start monitoring your credit card for any suspicious charges.
- PlayStation Network
- Xbox Live
- Hulu Plus
In a effort to be topical, the hackers also put up a link to where people can download a copy of The Interview, for freedom.
This holiday season has been a busy one for high-profile cyberattacks. On Christmas Day, a hacker collective called Lizard Squad shut down both Xbox Live and the PlayStation Network, before turning their attention to the online anonymity network Tor.
Update: The story has been updated with information about the Anonymous affiliation of the hackers and about the nature of Anonymous itself. It has also been updated to indicate that not all of the sites themselves have necessarily been compromised; instead, malware installed on the computers of individual users could have been responsible for some of the security breaches.
Photo via edans/Flickr (CC BY 2.0)
Aaron Sankin is a former Senior Staff Writer at the Daily Dot who covered the intersection of politics, technology, online privacy, Twitter bots, and the role of dank memes in popular culture. He lives in Seattle, Washington. He joined the Center for Investigative Reporting in 2016.