A file containing 1.4 billion passwords that have not been encrypted (or clear text) are circulating on the Dark Web.
The file contains over 1,4 billion email addresses, passwords and other credentials, all clear text, and was discovered by the company security 4iQ.
The file is 41 gigabytes in size and was discovered on December 5. It was updated at the end of last month, which shows that the data is current and used by third parties. The identity of the hacker who posted them is not known, but he left data for any Bitcoin donations and Dogecoin.
"None of the passwords are encrypted and what scares us is that we tried some of them and most of them work." said Julio Casal, founder of 4iQ. "The breach is almost double the previous largest leak, the list from Exploit.in which reported 797 million registrations."
The Exploit.in list is included in this dump, as are the files that have been reported to have been stolen before. But much of the data seems to be completely new.
See the pictures uploaded by medium.com
The security company tried to get in touch with some of the subscribers in the list, and many e-mail addresses turned out to be active, although in most cases passwords were no longer used.
But no matter how we do it, the size of the leak is a treasure trove for hackers, as all these passwords together form a first-class library for attacks brute force…