A file containing 1.4 billion codes access (passwords), which have not been encrypted (or have been decrypted – clear text) are circulating on the Dark Web.
The archive contains over 1,4 billion email addresses post officey, passwords and other credentials, all in clear text, and discovered by the security company 4iQ.
The file has a size of 41 gigabyte and was discovered in December 5. It was updated at the end of last month, indicating that data is present and used by third parties. The identity of the hacker who posted them is not known, but left some evidence of any donations to Bitcoin and Dogecoin.
"None of the passwords are encrypted and what scares us is that we tried some of them and most of them work." said Julio Casal, founder of 4iQ. “The breach is almost double the previous largest leakage, the list from Exploit.in that exposed 797 million records.”
The Exploit.in list is included in this dump, as are the files that have been reported to have been stolen before. But much of the data seems to be completely new.
See them pictures uploaded by medium.com
The security company tried to get in touch with some of the subscribers in the list, and many e-mail addresses turned out to be active, although in most cases passwords were no longer used.
But no matter how we do it, the size of the leak is a treasure for them hackers, as all these passwords together form a first class library for brute force attacks...