There is a cyber criminal on the loose. This time, the criminal has decrypted at least 1 million accounts from Yahoo and Gmail and has put them up for sale in a marketplace in the underground cybercriminal world. The information on the accounts includes plaintext passwords, emails and usernames.
All hope is that this information is not true as it poses one of the biggest cyber risks of our time. A look at the details means lots of users from both platforms are at a high risk of being exposed if the accounts are sold.
SunTzu583, the username picked by the cybercriminal in (dis)honor of the Art of War writer, has on offer about 100,000 yahoo accounts obtained from the Last.fm hack of 2012. For these accounts, he wants 0.0079 bitcoins which is the equivalent of $10.75. There is another batch of 145,000 accounts from yahoo obtained from the 2008 and 2013 MySpace and Adobe hack respectively. For these ones, SunTzu583 needs 0.0102 bitcoins.
For 0.0219 bitcoins, SunTzu583 can part with 500,000 Gmail accounts. These accounts are from the MySpace data breach of 2008, the 2014 Bitcoin Security Forum hack and the Tumblr hack of 2013. The cyber criminal also has another batch of 450,000 Gmail accounts up for sale at 0.0199 bitcoins. These accounts were obtained from various data hacks that took place between 2010 and 2016. Some of them came from Adobe, Dropbox among others.
If you suspect that you have been hacked, you better take measures to keep yourself secure. These measures include changing your password to a stronger one, using two-step verification and using antimalware to keep at bay any hacks on your accounts.
With such information, a hacker has an easy time getting into various accounts including the stealing of people’s identity. Having your identity stolen is a nightmare you cannot risk as someone could do anything with your identity including stealing money from your bank, borrowing loans in your name and impersonating you on various online platforms.
While we have not verified the details of the accounts in question, there is a reason to be afraid unless you have taken the steps above. For most people, using the same password for years seems like the easiest way to have an account. However, it is advised that you always change your password every so often to throw off any data trails being made on your data.
To make it easy, use a password generator as they automatically generate then store the password for your accounts with ease. Some operating systems such as Apple’s iOS have built in password generators to ensure that you have all your passwords securely in one place.
Whenever you log in, the computer enters the password for you without you needing to remember it. Also, you can set a reminder to remind you of the times you need to change the password with the password generator. You can be sure that you will stay safe online.