SoylentNews

RandomFactor [soylentnews.org] writes:

Wired has an article [wired.com] up on hackers serving up stolen credentials in an all you can eat buffet.

WHEN HACKERS BREACHED companies like Dropbox and LinkedIn in recent years—stealing 71 million and 117 million passwords, respectively—they at least had the decency to exploit those stolen credentials in secret, or sell them for thousands of dollars on the dark web. Now, it seems, someone has cobbled together those breached databases and many more into a gargantuan, unprecedented collection of 2.2 billion unique usernames and associated passwords and is freely distributing them on hacker forums and torrents, throwing out the private data of a significant fraction of humanity like last year's phone book.

In a bit of libre philosophy remeniscent of 'data wants to be free' Chris Rouland, a cybersecurity researcher opines on the megadump

"It's entropy. When the data is out there, it’s going to leak."

Random Reminder - Password managers such as Password Safe [pwsafe.org] and the always cheerful site for checking if your credentials are already pwned https://haveibeenpwned.com/ [haveibeenpwned.com] are your friends. Might be worth an update check on your email addresses (as of 1/30 the new dump was not fully reflected in haveibeenpwned results, but that has likely been remedied by now.)

Original Submission