June 3, 2024 at 03:50PM
Have I Been Pwned service added a trove of 361 million stolen credentials obtained from cybersecurity researchers who collected them from Telegram cybercrime channels. The stolen data includes username and password combinations, along with raw cookies, and was shared for free on Telegram. The credentials have affected numerous websites, and efforts are being made to mitigate the impact.
From the meeting notes, I have gathered the following key takeaways:
1. A massive trove of 361 million credentials has been added to the Have I Been Pwned data breach notification service, collected from numerous Telegram cybercrime channels. These credentials consist of username and password combinations, along with URLs and raw cookies.
2. The researchers shared this data with Troy Hunt, the owner of Have I Been Pwned, who confirmed it contains 361 million unique email addresses, with 151 million never previously seen by the service. He utilized sites’ password reset forms to confirm associations between leaked email addresses and the respective websites.
3. This dataset poses significant security threats, as it implicates potentially every site that allows logins, including BleepingComputer. A subset of BleepingComputer accounts was stolen by information-stealing malware, which led to the compromise of passwords, cookies, and browsing history.
4. BleepingComputer is taking proactive measures to analyze the stolen data, remove duplicates, and reset affected members’ passwords. However, impacted users are advised to reset passwords for all their accounts, as timestamps indicating when the credentials were stolen are not available.
5. It’s highlighted that information-stealing malware has become a serious cybersecurity threat, leading to various attacks, including ransomware and data theft. There is no easy solution to prevent these attacks, but practicing good cybersecurity habits, such as avoiding untrusted attachments, using trusted software sources, and keeping software updated, is essential.
These takeaways emphasize the urgency of addressing the widespread impact of stolen credentials and the importance of maintaining strong cybersecurity practices in response to evolving threats.