After a security breach of VerticalScope, 45 million accounts have been hacked. Passwords, usernames, IP addresses and emails from over a thousand sites and forums have been stolen. It’s still unknown who carried out the attack. VerticalScope is a Toronto-based media company that manages a vast amount of online hobby sites and forums, including Techsupportforum.com, Autoguide.com, Motorcycle.com and Petguide.com.
Related: Post-Breach Phishing
Data of the hack has been uncovered by breach data aggregator LeakedSource in April 2016. It wasn’t until June that LeakedSource processed the data of the hack, which is stated to have taken place in February.
How Were the 45 Million VerticalScope Accounts Hacked?
It’s likely that the massive proportions of the hack are due to VerticalScope’s hosting of all their sites on interconnected servers, or even one single server. According to ZDNet, many of the forums were running on outdated vBulletin software from 2007 that is known to be easy to breach. Only 10% of the domain’s password information was encrypted with a secure method. The majority of accounts were hashed with the borderline obsolete MD5 hash, strengthened with salting.
“123456” and “Password” Passwords Still Prevalent
Unsurprisingly “123456” and “password” are very prevalent in the hacked accounts, ranking at first (with 150,852 uses) and third (83,862) place respectively. At second and fourth place come the seemingly random “18atcskd2w”, (91,103) times and “3rjs1la7qe” (74,806). It’s currently unknown why these specific passwords are so widely used, but it goes to show that even a long and random password can be overused and changing your passwords regularly is a must for cyber security in this era of mass hackings and security breaches. It’s advisable to change your password immediately if you’re registered to any of VerticalScope’s sites. It also goes without saying that “123456” and “password” are incredibly poor picks for a password.
Multiple Major Sites Hacked in 2016
2016 has proven to be a very bad year for internet security. Among the most famous hacked sites are Twitter, MySpace and Tumblr. Some estimates range to a billion hacked accounts just in 2016! Now, more than ever, it’s important for good security etiquette to prevail among users everywhere.