Site registers 10 million stolen passwords

Powered by SC Magazine
 

Aussie site booms in opening year.

More than 10 million hacked email addresses and passwords have been posted to an Australian web site in less than 12 months.

The site, shouldichangemypassword.com was developed by Sydney security researcher Daniel Grzelak to allow users to determine if they were victims of publicly-disclosed data breaches.

As first reported by SC Magazine, the site allowed users to search through databases of stolen email addresses collated from sources including news sites and data

The web site could be a gem for companies concerned that staff have reused work passwords and email addresses on other web sites that were subsequently compromised.

The portal was orginally developed for Grzelak's mum and friends, and was sold in January to the Avalanche Technology Group.

It made headlines on the New York Times, Forbes and tech media sites when the LulzSec hacking group was at its peak.

"It’s scary to think that in less than two years, hackers have made more email addresses and passwords public on the internet than the entire population of NSW," Avalanche Technology Group commercial manager Shayne Tilley said.

“With thousands of new compromised emails and passwords being discovered every day, it’s increasingly evident that the threat from hackers is more dangerous than ever. Unfortunately in many cases the compromise is only discovered after it’s too late.”

Each compromised email address was encrypted before being stored within the site using a unique ID.

"This means that not even Avalanche’s internal team can access the list of email addresses, let alone a third party," the company said.

Copyright © SC Magazine, Australia


Site registers 10 million stolen passwords
 
 
 
Top Stories
Photos: iTnews Benchmark Awards countdown begins
Just a few days left until entries close for 2014.
 
Australian Govt to rethink cyber security strategy
Six-year old policy to be refreshed.
 
The failure of the antivirus industry
[Blog post] Insights from AVAR 2014.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  38%
 
Your insurance company
  3%
 
A technology company (Google, Facebook et al)
  8%
 
Your telco, ISP or utility
  7%
 
A retailer (Coles, Woolworths et al)
  2%
 
A Federal Government agency (ATO, Centrelink etc)
  20%
 
An Australian law enforcement agency (AFP, ASIO et al)
  15%
 
A State Government agency (Health dept, etc)
  5%
TOTAL VOTES: 1069

Vote