425 million user accounts hacked in massive online security breach

The personal data of 425 million internet users has been hacked and sold online.

425 million user accounts hacked in massive online security breach

In what is being called the biggest online security breach of all time, the usernames, email addresses and passwords of 425 million Myspace and Tumblr users have been hacked and are now available for sale online. The hacked data emerged for sale through a well-known hacker website and is available for purchase price of $4300. Both Myspace and Tumblr have confirmed that the user data was compromised as a result of security breaches several years ago.

These breaches are not isolated incidents. Just last month, LinkedIn confirmed a breach of 164 million accounts back in 2012, which was only revealed after the compromised data emerged for sale online. A hacker group that has stolen more than one billion passwords in the past few years is believed to be responsible for all three breaches.

In all three cases though, credit card or bank details were not stolen. The hackers were simply after email addresses and user passwords. With this information, hackers can attempt to access other websites and email accounts.

The lesson we all need to learn from these security breaches is that you just cannot trust anyone except yourself to keep your data secure. Take action at your end by ensuring that your email passwords are different to those used for any other website. It is also highly recommended that you take your security protocols one step further by using unique passwords for each different website you visit.

Find out if your email address has compromised at www.haveibeenpwned.com
Read more from www.theage.com.au
Read more from www.arstechnica.com

RELATED ARTICLES






    COMMENTS

    To make a comment, please register or login
    Ted Wards
    2nd Jun 2016
    10:22am
    Your email is never safe. I signed up for the happy hour alert through virgin and received 75 new spam messages yesterday and counting. They were addresses from all over the world as well.
    MICK
    2nd Jun 2016
    11:25am
    You sure that was Virgin? If so contact the company and complain and/or put in a complaint with ASIC.
    Sounds more like you opened something in your inbox and then got the flood of junk.
    GrayComputing
    2nd Jun 2016
    10:54am
    We will continue to have unsecure computers and internet theft and scams while we let governments and their (uncontrollable?) security agencies put the task of catching one possible terrorist as far more important then the security of the web and our own computers and are busy scrapping the rights of privacy and freedoms of billions of normal people by forcing computer companies to weaken security of their products rather than improve them.
    So far the multiple billions of dollars spent on public massive surveillance have resulted in just a few arrests and fewer convictions.
    Sadly most people seem to prefer being quiet cowards with no privacy or freedoms rather then stand up and fight (again)for our freedoms.
    Freedoms that soldiers like our Anzacs died for so we could have a better life for us and our children.
    MICK
    2nd Jun 2016
    11:29am
    Australian citizens have been under attack from this coalition government since day1. First their banking accounts. Next the desire for government to control us in every way possible, including privacy. This is how our current 'security' scam has been sold. What is happening here has been spat out in the US but we have been forced to accept the lie of 'security' in the name of safety. As we saw with several recent attacks from Islamic loonies this did not prevent what was going to happen anyway.
    Anonymous
    4th Jun 2016
    2:38am
    Privacy control has been going on now for a very long time, Mick - and it is not only the LNP who do it... ALL 'governments' here in Oz feel they have the right to total access to your personal life and privacy.. and the crypto-Communists of the right are no better in that regard than the crypto-Fascists.

    ALL are dedicated to as much control over the individual as they can enforce with or without our compliance...

    If you think differently you are way behind the times.... do yourself a favour and look back at successive waves of legislation, regulation and policy and see who did what and what it actually means to the ordinary person.

    You will find the f=difference of a cigarette paper between the 'right' and the 'left' in 'politics'.. ALL are Fascists of the first water, who feel that the ordinary person is just another disposable item - whatever the 'ideology' that dictates that h]this be the case...

    Little wonder that Henry Kissinger, in his series "Blood On The snow", clearly pointed out that Stalin killed more of his own people than the NAZIs did.....

    BOTH ideologies desired the total rule by a self-appointed elite, who knew better than those they ruled what was right and what was wrong....

    While our present crop will never publicly state that is their intention or ideology - the results speak for themselves.

    If you wish to continue to be a subject and not a Democratic Lord in Your Own Right.... kow-tow to those you would not piss on in a bush fire....

    Not me!
    Anonymous
    4th Jun 2016
    2:41am
    Aaargh!... " the crypto-Communists of the right are no better in that regard than the crypto-Fascists." .. WRONG!

    Read:- "crypto Communists of the Left are no better than the Crypto Fascists of the Right."

    .. and no real difference..... all are petty little jumped-up twerps you would not piss on in a Victorian conflagration, but who somehow hold the reins over YOUR life....
    Biddy
    2nd Jun 2016
    10:55am
    Never give out any information that you do not want anyone to know about,do not open any web site you are not sure of and do not give out information that you do not want known,hackers will try anything to get information of your personal details always be aware they are out there tapping into anything that is personal ,use different passwords and mix them so they cannot copy anything we are all vulnerable but being aware is the key
    MICK
    2nd Jun 2016
    11:31am
    It's almost impossible Biddy unless we choose to live in the past. Just consider that every time you want to discuss your account they ask for DOB, address, etc. This stuff is all on file and giving it to an agent is like putting it out there anyway as who is to say a bad employee wil not on sell your details.
    particolor
    2nd Jun 2016
    12:43pm
    And Do !! :-(
    MICK
    2nd Jun 2016
    11:23am
    Drew: this just confirms my concerns that ALL information about us will eventually be available for sale. The question is:

    1. how does one stop identity fraud if the crims have all the necessary details to open an account in your name and then buy goods in your name?
    2. passwords to your banking accounts can then be used to shift money to the new accounts. Effectively 'stolen'. Don't expect banks to refund your money if this becomes a huge problem!
    biddi
    2nd Jun 2016
    12:17pm
    Mick : #1 GOOD POINT!
    greygeek
    2nd Jun 2016
    12:20pm
    My credit card account was recently fraudulently used. I received a text message from my Bank @ 1.30 a.m., asking for a "Y" or "N" to confirm a purchase of $970 Au in the Netherlands within the last 30 minutes.
    I received a further text to state my account had been "cancelled" and for me to contact the Bank asap. I found my bank statement and called the number displayed, followed the usual checks etc. transferred to Fraud and learnt of the purchases/attempted purchases in New York, Netherlands, etc.
    The Fraud Inspector in answer to my question as to what "alerted" them to possible fraud was:- 1. I always inform them in advance of any overseas travel. 2. I rarely shop online and when I do, it is Australian based purchases. Those two markers were enough to raise suspicion within the bank.
    I have had a new card issued and all amounts cleared. The Banks and Police will assist if fraud is suspected. I have different passwords for everything and none bear any relation to myself or family etc. I also have updated web security and only ever use "identified" safe sites. I am not on myspace or other group sites either.
    The individual can do a lot to protect their identity and security, it is not difficult.
    Anonymous
    2nd Jun 2016
    4:42pm
    Banks are required by law to refund any funds illegally removed from an account under their system. A lot of people assume otherwise or are given bad information by other people and don't contact their bank which means that there will be no refund. If the banks don't know, they can't refund.
    Anonymous
    4th Jun 2016
    2:50am
    Mick - I've had that done... somehow by communicating with someone in South Africa, I became the conduit for some sort of scam and began receiving parcels addressed to me... things such as expensive mobile phones and computers ans stuff....

    I reported it to the scam authority and queried the companies sending these things....

    Why would an old bastard like me be receiving stuff from elderly ladies using their credit card wen I've never had any contact with them?

    I blew the lid on a scam.... happy to do so...

    But I RESENT my personal information being some form of saleable item... if I want it - I'LL ASK YOU!

    (same as the guy who queried my parking in a disabled spot - day comes when I need your opinion, I'll ask for it... or alternatively there'll be plenty of you lying on the ground. Just because I have a disability parking card doesn't mean I'm dumb or an easy target)....
    particolor
    2nd Jun 2016
    1:56pm
    They can hack till their Axe goes blunt ! :-) I've got nothing to hide Or is that nothing butt Hide !! ? :-)
    GrayComputing
    2nd Jun 2016
    6:14pm
    Dear Particolor.
    If it helps you feel better do keep up the delusion that you are not a target.
    Being innocent,honest and upright does not stop anyone from hacking your computer nor your bank, shop credit card accounts or your family or groups unless you are not connected to the web and also live on a deserted island.
    You and all your contacts are still a potential for being a part of a nasty false positive in our totally untrustworthy metadata collecting and the ultra stupid subsequent "computer" correlation processes that may see the police wrongly raid your house.
    Have a nice. Len
    particolor
    2nd Jun 2016
    7:58pm
    I'll offer them a Cuppa Tea while they're wasting their time !! :-)
    And if they Bugger my computer Stiff ! I've got 3 Spares !
    I never Bank or do anything financial on the Net.
    I've got No family that I've talked to the last 40 Years :-)
    Give False Names and Birth dates on Everything :-)
    Pay Cash when I shop ! :-)
    Hillbillypete
    3rd Jun 2016
    8:12am
    A different password for every web site! yeah right! have enough trouble remembering one password.
    Libby
    3rd Jun 2016
    10:52pm
    I use a "sentence" as a password to make the hackers very frustrated. For example just use the first letter of a sentence - "I once lived in Mount Druitt" to IoliMtD! or My son was born in 1946....... I use very hard password for my bank. The hackers can't be bothered trying to work out a "sentenced" password, it will take them too long or NEVER! Besides I don't use Myspace or Tumbir. I've never had problems with Hotmail, Gmail of Yahoo.
    To those who have had money stolen from their accounts, the bank will pay back the amount and they can afford to, look how much profit they get! I think that is the law now and they're the ones who are supposed to keep your account safe. I'd love to chop off hacker's fingers! I also got spam mail from Paypal to fill out so-called form to say my account has been hacked. There is a way to solve this by forwarding it to "phishing" at Paypal's website instructions. They do reply to say thanks and they then get to work on it. DON'T EVER, EVER believe Paypal in "junk" mail because firstly they don't address you by your first name, secondly they want to steal your details.
    Anonymous
    4th Jun 2016
    2:55am
    Agreed. I've had junk mail claiming Paypal - I simply refer it to Paypal and they always say "NO".

    Unless they contact me through the internal mail system, it is not them. At the same time, I've had to change my password because someone has tried to access my account.

    4th Jun 2016
    2:27am
    About 95% of my mail is spam even though I have a spam filter. It gets to the point where you feel like having a new email account... but when the one you use most is the one your family use etc.... it is hard.
    particolor
    4th Jun 2016
    3:44pm
    Mine was the same Treb Good for a While but then they Hack into you with the Spam from Trusted and Social Site !! :-( :-(


    Join YOURLifeChoices, it’s free

    • Receive our daily enewsletter
    • Enter competitions
    • Comment on articles