Researchers at 4iQ found a massive database collection on Darkweb which contains 1.4 billion usernames and passwords without any encryption. The online circulating data is shown in plain text.
According to the 4iQ founder and chief technology officer Julio Casal this is the largest database leak ever found on Darkweb. Also, the database file is circulating on darkweb websites. Recently on reddit someone posted from where they download a copy of this database and now verify its authenticity.
Researchers said the size of database is 41 GB which contains 1.4 billion username, emails and passwords of random peoples.
Everything in the database is properly organized in alphabetical order, therefore hackers with basic knowledge can easily search for username and passwords. The important credentials could be used to compromise various accounts.
The database has been last updated in the end of November and collected from different sources including Bitcoin and Dodgecoin wallets, Netflix, LinkedIn, Last.FM, My Space, Zoosk, Adult websites, Badoo, RedBox, games like Minecraft and Runescape, and credential lists like Anti Public, Exploit.in.
Some of the data breach incidents are quite old and the leaked database have been circulating for some time, so hackers can easily take advantage of this because users re-use their same passwords on other platforms and choose easy to use passwords. The most common passwords found in database are such as “123456”, “123456789”, “qwerty,” “password” and “111111”.
The investigation is continuing and the person who upload this database on darkweb is still not found. If you want to protect yourself then always choose strong passwords for accounts and never use same passwords for multiple accounts.