Another massive breach has taken place where almost 100 million accounts of the popular Russian web portal, Rambler.ru were leaked online.
The hack had exposed usernames, email addresses, ICQ addresses and passwords of 98,167,935 accounts. To make things worse, Rambler, a version of Yahoo, stored passwords in plain text rather than encrypting them, thus giving full access to the hacker without having to crack them first.
A breach repository site, LeakedSource revealed that the attack occurred way back on 17 February 2012 which appears to have gone unreported in all these years. The entire database might have been downloaded four years back.
The cyber attack is the latest in a recent string of data breaches. Rambler’s competitor, VK.com, was hacked in late 2012 or early 2013 and exposed the data for its entire user base. Recently, the details of 70 million Dropbox accounts, from a breach dating back to 2012, were also leaked online. The music service Last.FM was also attacked that year, affecting 48 million users. LinkedIn and Myspace were also hacked in 2012.
LeakedSource has been publicizing and verifying most of these leaks throughout 2016. Anonymous parties forwarded LeakedSource the data from these hacks, and the service contacted users to judge the authenticity of the information. After verifying the data, LeakedSource uploads its info into a searchable database so users can see if their info was compromised.
The breach was reported by the same user who handed LeakedSource some 43.6 million cleartext breached Last.fm accounts also dating back to 2012.
On analyzing the passwords, LeakSource found that though mega breaches are becoming common, users continue to use weak passwords. The most common password in the Rambler.ru breach is ‘asdasd’, which was used by 723,039 account holders.
The top 10 used passwords from this breach are:
| Rank | Password | Frequency |
|---|---|---|
| 1 | asdasd | 723,039 |
| 2 | asdasd123 | 437,638 |
| 3 | 123456 | 430,138 |
| 4 | 000000 | 346,148 |
| 5 | 666666 | 249,812 |
| 6 | 654321 | 242,503 |
| 7 | cfreyjdf | 237,009 |
| 8 | 123321 | 236,871 |
| 9 | 555555 | 230,453 |
| 10 | 123123 | 222,983 |
LeakedSource partnered with Russian journalists due to language barriers to confirm if the account dump was valid.
LeakedSource is processing other massive breaches and will be announcing their results slowly.
As data breaches are increasing with every passing day, users should be vigilant enough to use strong unique passwords for every site that they register an account. Online security is a serious topic and existing password education isn’t enough to deal with the situation.
