2 million Facebook, Twitter, Google passwords pilfered
BOSTON — Security experts have uncovered a trove of about 2 million stolen passwords to websites including Facebook, Google, Twitter and Yahoo from Internet users across the globe.
Researchers with Trustwave's SpiderLabs said they discovered the credentials while investigating a server in the Netherlands that cyber criminals use to control a network of compromised computers known as the “Pony botnet.”
The company told Reuters on Wednesday that it has reported its findings to the largest of more than 90,000 websites and Internet service providers whose customers' credentials it had found on the server.
An analysis posted on the SpiderLabs blog showed that the most-common password in the set was “123456,” which was used in nearly 16,000 accounts. Other commonly used credentials included “password,” “admin,” “123” and “1.”
Graham Cluley, an independent security expert, said it is extremely common for people to use such simple passwords and also re-use them on multiple accounts, even though they are extremely easy to crack.
“People are using very dumb passwords. They are totally useless,” he said.
Show commenting policy
TribLive commenting policy
- Black lung disease on rise in Appalachia
- Rare respiratory illness reported in at least 10 states
- Florida socialite’s lawsuit vs. feds in Petraeus scandal OK’d to proceed
- California firefighters work to contain trio of blazes
- Coverage in jeopardy for 115K Obamacare enrollees
- Man’s confession heard in 1979 slaying of N.Y. boy
- U.S. will increase aid to Ebola-stricken Africa
- Girl accused in stabbing to please ‘Slender Man’ to undergo competency examination
- Indictment in Georgia tot’s death in hot car gives jury latitude to convict dad of malice or neglect
- Federal statistics raise red flags about America’s growing diabetes crisis
- Wealth gap puts squeeze on state revenue