1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Thousands of accounts "leaked/stolen"

Discussion in 'Off Topic' started by Nysm, Jun 16, 2011.

  1. Nysm

    Nysm Member

    Lulzsec has released a file containing over thousands of e-mails and passwords in a 2MB file.

    I downloaded it to check if I had been compromised but I do not and am not using it as personal gain. I however enjoy helping others and will be happy to check email addresses sent to me via PC/PM to tell you if your account is located in this 2MB file so you can restore your compromised account, I will however not give you the password associated with the account username.
     
  2. James

    James Well-Known Member

    Where are the files from? A gaming site? A compromised e-mail provider?

    It'd help to have the details so people can be aware or not.
     
  3. Nysm

    Nysm Member

    The file was uploaded to a file sharing site called mediafile and they publicly put it on their twitter account. And apparently they are from different sites such as Facebook, Photobucket, Twitter, Gaming Accounts, Porn Accounts and much more.
     
  4. dieketzer

    dieketzer Well-Known Member

  5. Nysm

    Nysm Member

    I tried to avoid posting the link due to people not wanting to download it, but still.. should you still not want to download the file you can send me a pc/pm.
     
  6. kkm323

    kkm323 Well-Known Member

    Most accounts has been updated
    you can't login to the network until you verify your email and change your password. I am only afraid if they stole all of the credit card's information.
    If you really want to help, than delete that file from your computer
     
    John likes this.
  7. dieketzer

    dieketzer Well-Known Member

    you have no way of knowing this.
    this is a list of 62,000 username/passwd combinations from an untold number of websites. pretending the file doesnt exist wont help me nearly as much as checking it for my details and taking any necessary action.
     
    Brett Peters likes this.
  8. Floris

    Floris Guest

    Eh .. thousands of sites are compromised daily, not everybody that hacks sites disclose this on twitter ..

    All you can do is assume the site you're on isn't secure enough; and as a precaution you rotate your passwords, you use password haystacking on a hard to guess extended alphabet string, and use a unique password per web site.

    Generate a good password; https://www.grc.com/passwords.htm and apply a haystack https://www.grc.com/haystack.htm

    I use 1password on my systems + mobile devices, so I don't have to keep track of them, they're generated, and synced. And I could copy/paste them so I don't have to remember them.

    http://agilebits.com/products/1Password

    Not perfect, but a lot better than people using 'letmein' on both facebook, a game site, and online banking ..
     
  9. Russ

    Russ Well-Known Member

    And WHY are we posting this list of compromised accounts on xenforo.com - out of curiosity.
     
  10. steven s

    steven s Well-Known Member

    The page has been taken down.
     
  11. Floris

    Floris Guest

    Lulzsec releases are all online ..
     
  12. Nysm

    Nysm Member

    It was no my intention to, all I wanted to do was help others restore lost accounts to this release however someone else was sharing the link.
     
  13. Russ

    Russ Well-Known Member

    Ya no worries, I'm interested in the article just don't think it's appropriated to post confidential information such as usernames and passwords on a business forum.
     
  14. Luke F

    Luke F Well-Known Member

  15. Russ

    Russ Well-Known Member

  16. dieketzer

    dieketzer Well-Known Member

    its not a list of compromised accounts.
    its a list of usernames/emails and passwords.
    this list is already being posted all over the web. the real nasties already have the file.
     
  17. jonsidneyb

    jonsidneyb Well-Known Member

    Will someone hurry up and catch these guys.
     
  18. mlx

    mlx Well-Known Member

    Will someone hurry up and stop storing plain text passwords on web servers; and stop using the very same password everywhere ...

    Sorry, but I can't help myself still enjoying LulzSec having fun with that.

    Why we secretly love LulzSec
     
  19. SilverCircle

    SilverCircle Well-Known Member

    Exactly. What they are doing might be legally wrong, but it rings an alarm bell for many. I'm pretty sure a lot of webmasters and bigger companies will review their security level because no one wants to be the next on the list of "pwnds".

    It increases awareness for the myriads of potential security issues on the net. Sometimes, some collateral damage is required to wake up people and make them aware of problems that urgently need to be solved.
     
  20. steven s

    steven s Well-Known Member

    And I think connecting to unsecured public wi-fi networks should also be a wakeup call.
    I never do anymore. I connect using my phone which gives me a little more security.
     

Share This Page