Cyber experts uncover 2 million stolen passwords to global Web accounts

BOSTON Thu Dec 5, 2013 9:04am IST

A magnifying glass is held in front of a computer screen in this picture illustration taken in Berlin May 21, 2013. REUTERS/Pawel Kopczynski/Files

A magnifying glass is held in front of a computer screen in this picture illustration taken in Berlin May 21, 2013.

Credit: Reuters/Pawel Kopczynski/Files

Stocks

   

BOSTON (Reuters) - Security experts have uncovered a trove of some 2 million stolen passwords to websites including Facebook, Google, Twitter and Yahoo from Internet users across the globe.

Researchers with Trustwave's SpiderLabs said they discovered the credentials while investigating a server in the Netherlands that cyber criminals use to control a massive network of compromised computers known as the "Pony botnet."

The company told Reuters on Wednesday that it has reported its findings to the largest of more than 90,000 websites and Internet service providers whose customers' credentials it had found on the server.

The data includes more than 326,000 Facebook Inc (FB.O) accounts, some 60,000 Google Inc (GOOG.O) accounts, more than 59,000 Yahoo Inc (YHOO.O) accounts and nearly 22,000 Twitter Inc (TWTR.N) accounts, according to SpiderLabs. Victims' were from the United States, Germany, Singapore and Thailand, among other countries.

Representatives for Facebook and Twitter said the companies have reset the passwords of affected users. A Google spokeswoman declined comment. Yahoo representatives could not be reached.

SpiderLabs said it has contacted authorities in the Netherlands and asked them to take down the Pony botnet server.

An analysis posted on the SpiderLabs blog showed that the most-common password in the set was "123456," which was used in nearly 16,000 accounts. Other commonly used credentials included "password," "admin," "123" and "1." (bit.ly/1g6hfJZ)

Graham Cluley, an independent security expert, said it is extremely common for people to use such simple passwords and also re-use them on multiple accounts, even though they are extremely easy to crack.

"People are using very dumb passwords. They are totally useless," he said.

(Reporting by Jim Finkle; Editing by Ken Wills)

FILED UNDER:
Comments (0)
This discussion is now closed. We welcome comments on our articles for a limited period after their publication.

  • Most Popular
  • Most Shared
People walk in the Wipro campus in Bangalore June 23, 2009. REUTERS/Punit Paranjpe/Files

Wipro Q4 net profit beats estimates, rises 29 percent

Wipro posted a 29 percent rise in its fourth-quarter net profit, beating expectations, helped by increased IT spending by its customers. For the quarter ended March 31, the company said it earned 22.27 billion rupees compared with 17.29 billion rupees a year earlier.  Full Article | Full Coverage 

REUTERS SHOWCASE

Election 2014

Election 2014

India holds biggest day of voting with BJP gaining strength  Read | Full Coverage 

Market Eye

Market Eye

Sensex jumps 351 points, snaps 3-day losing streak  Full Article 

Insider Trading Case

Insider Trading Case

Ex-Goldman director Rajat Gupta to surrender June 17 in insider case.  Full Article 

Expansion Plans

Expansion Plans

Reliance Industries, HPCL Mittal plan refinery expansions.  Full Article 

S&P on India

S&P on India

S&P: India's ratings to depend on next govt econ, fiscal policies.  Full Article 

Ambitious Aim

Ambitious Aim

In green car race, Toyota adds muscle with fuel-cell launch.  Full Article 

Deal Talk

Deal Talk

Piramal to buy 20 percent stake in Shriram Capital for $334 million.  Full Article 

Bond Market

Bond Market

A star abroad, RBI boss riles bond traders at home  Full Article 

Reuters India Mobile

Reuters India Mobile

Get the latest news on the go. Visit Reuters India on your mobile device.  Full Coverage