- Instagram has mixed feelings about Mindy Kaling supporting Aziz Ansari 4 Years Ago
- Donald Trump keeps pushing his unsubstantiated voter fraud claims Today 4:09 PM
- Report: YouTube will no longer run ads on anti-vax channels Today 2:54 PM
- Microsoft employees want to cancel a $479 million contract with the U.S. military Today 1:14 PM
- Queso recipe gets launched to space Today 10:09 AM
- ‘Isabelle Facts’ was a wholesome queer meme account—until harassers showed up Today 8:28 AM
- 2016 election stories the ‘Newsroom’ reboot will cover Today 6:30 AM
- How to stream Brandon Rios vs. Humberto Soto for free Today 6:00 AM
- ‘The Haunting of Hill House’ heads to ‘Bly Manor’ for next installment Today 5:45 AM
- How to stream James DeGale vs. Chris Eubank Jr. for free Today 5:30 AM
- How to stream UFC Fight Night 145 in Prague for free Today 5:00 AM
- R. Kelly charged in Chicago with multiple counts of sex abuse Friday 7:51 PM
- Elon Musk finally hosts PewDiePie’s meme review Friday 6:27 PM
- Netflix throws ‘Umbrella Academy’-themed wedding for fans Friday 4:54 PM
- Report: Facebook collects app data on users’ body weight, menstrual cycles Friday 3:38 PM
Hackers released an enormous cache of 13,000 passwords and credit cards
If you use Xbox Live, PlayStation Network, Amazon, Walmart, or Hulu, you’ll want to read this.
On Friday, a group claiming affiliation with the loose hacker collective Anonymous released a document containing approximately 13,000 username-and-password combinations along with credit card numbers and expiration dates.
You might want to change your password and start monitoring your credit card for any suspicious charges.
The stolen personal information was released in a massive text file posted the document sharing site Ghostbin. The compromised sites run the gamut from pornography to gaming to online shopping.
Some of the most significant leaks came from online video gaming networks like Xbox Live, the Sony PlayStation Network, and Twitch.tv. There was information from accounts at Walmart, Amazon, and Hulu Plus, as well as keys to computer games like The Sims 3 and Dragon Age: Origins, and a whole lot of porn sites.
Some Anonymous members have pushed back on the assertion that this leak had anything to do with the hacktivist group. Anonymous has no official leadership or centralized organizational structure; instead, it functions as a loose affiliation of computer hackers that join together in support of various causes, ranging from battles with the Church of Scientology to doxing members of the KKK. If hackers branding themselves as Anonymous carry out a particular action, it doesn’t necessarily mean it’s any of the same people who have carried out any other Anonymous-branded action.
Judging from the document, the following sites were compromised or, at the very least, had some of their user data stolen—possibly through malware installed onto users’ personal devices or other nefarious methods.
While it’s difficult at this point to definitively know how the hackers acquired the material, Chris Davis, a cybersecurity researcher and fellow at the University of Toronto’s Munk School of Global Affairs, hypothesized that one likely possibility, based on the information contained in the leak, is that the hackers made use of a botnet. “The list of credentials [in the published list] fits that bill pretty well,” he explained.
Just to be on the safe side, if you have an account with any of these places, you might want to change your password and start monitoring your credit card for any suspicious charges.
- PlayStation Network
- Xbox Live
- Hulu Plus
In a effort to be topical, the hackers also put up a link to where people can download a copy of The Interview, for freedom.
This holiday season has been a busy one for high-profile cyberattacks. On Christmas Day, a hacker collective called Lizard Squad shut down both Xbox Live and the PlayStation Network, before turning their attention to the online anonymity network Tor.
Update: The story has been updated with information about the Anonymous affiliation of the hackers and about the nature of Anonymous itself. It has also been updated to indicate that not all of the sites themselves have necessarily been compromised; instead, malware installed on the computers of individual users could have been responsible for some of the security breaches.
Photo via edans/Flickr (CC BY 2.0)
Aaron Sankin is a former Senior Staff Writer at the Daily Dot who covered the intersection of politics, technology, online privacy, Twitter bots, and the role of dank memes in popular culture. He lives in Seattle, Washington. He joined the Center for Investigative Reporting in 2016.