Independent security researcher Troy Hunt revealed today that he found a database containing 65.469.298 e-mails and hashed and salted them. codeaccess and belong to Tumblr users.
Ο ερευνητής εντόπισε τα δεδομένα στην αγορά Real Deal του Dark Web, όπου ένας hacker με το όνομα Peace (γνωστός επίσης και ως Peace_of_mind) την πουλάει για 0.4255 Bitcoin (ή 225 δολάρια).
The researcher states that the passwords included in the database appear to be hashed and salted, which means that they are much more secure compared to the state in which the passwords were stored by LinkedIn and MySpace (only with SHA1 encryption), and the LeakedSource team managed to break most of them.
Tumblr has not released any official announcement yet, but Yahoo's blogging platform has announced from 12 May a possible data breach.
Then, the Tumblr team revealed that someone alerted them to a possible data violation that became 2013 before Yahoo even bought the platform.
The Tumblr team didn't reveal the number of users affected, but said they had started one procedure resetting passwords.
The latest Tumblr statistics reveal that the platform has about 550 million users, which means that one-eighth of all site accounts have leaked.
Troy Hunt has created the online service Have I've Been Pwned, where users can search a huge database to see if their details have been leaked.
It should be mentioned that the hacker Peace who sells the data, is the same person who sold the data of MySpace, LinkedIn, but also other online services, such as Fling.com and his forum Linux Mint.
