Sunday, July 14, 2024

Hackers Uploaded 42M Record that Contains Email Address and Credit Card Data to Free Anonymous Hosting Service

Hackers uploaded a collection of 42 million Email Address , plain text passwords, Spotify details, and partial credit card data to free anonymous hosting service

The operators of the service Kayo reached out to the security expert Troy Hunt to report the data and for further investigation. Kayo shared 755 files totaling 1.8GB.

According to Hunt, the data is typically taken from multiple data breaches and then combined into a single list to perform Credential stuffing attacks. The data is not related to and the platform is not affected by any incidents.

The data also contains a number of files, some with partial credit card data, logs and some with Spotify details. While checking for Email, Hunt found 42M unique values Email Address 93% of them already exists in HIBP.

There was no single pattern for the breaches they appeared in and the only noteworthy thing that stood out was a high hit rate against numeric email address aliases from Facebook added Hunt.

These Credential stuffing attacks can be avoided by using a unique password for each service and change the passwords to all accounts at least once a month.

You can also strengthen your security by taking additional precautions such as moving to two-factor authentication. Don’t use the same password for multiple accounts, especially Internet banking and other accounts where money or sensitive information are involved.

Also Read:

10 Million Customers Personal Records Leaked in Dixons Carphone Massive Data Breach

Reddit Data Breach – Hackers Stolen Users’ Email Address and Credentials

20,000 Users Affected With Air Canada Mobile App Data Breach


Latest articles

mSpy Data Breach: Millions of Customers’ Data Exposed

mSpy, a widely used phone spyware application, has suffered a significant data breach, exposing...

Advance Auto Parts Cyber Attack: Over 2 Million Users Data Exposed

RALEIGH, NC—Advance Stores Company, Incorporated, a prominent commercial entity in the automotive industry, has...

Hackers Using ClickFix Social Engineering Tactics to Deploy Malware

Cybersecurity researchers at McAfee Labs have uncovered a sophisticated new method of malware delivery,...

Coyote Banking Trojan Attacking Windows Users To Steal Login Details

Hackers use Banking Trojans to steal sensitive financial information. These Trojans can also intercept...

Hackers Created 700+ Fake Domains to Sell Olympic Games Tickets

As the world eagerly anticipates the Olympic Games Paris 2024, a cybersecurity threat has...

Japanese Space Agency Spotted zero-day via Microsoft 365 Services

The Japan Aerospace Exploration Agency (JAXA) has revealed details of a cybersecurity incident that...

Top 10 Active Directory Management Tools – 2024

Active Directory Management Tools are essential for IT administrators to manage and secure Active...
Guru baran
Guru baran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Free Webinar

Low Rate DDoS Attack

9 of 10 sites on the AppTrana network have faced a DDoS attack in the last 30 days.
Some DDoS attacks could readily be blocked by rate-limiting, IP reputation checks and other basic mitigation methods.
More than 50% of the DDoS attacks are employing botnets to send slow DDoS attacks where millions of IPs are being employed to send one or two requests per minute..
Key takeaways include:

  • The mechanics of a low-DDoS attack
  • Fundamentals of behavioural AI and rate-limiting
  • Surgical mitigation actions to minimize false positives
  • Role of managed services in DDoS monitoring

Related Articles