Hundreds of millions of email addresses and some passwords have been leaked onto the internet, in probably the biggest dump ever.
A broken spambot has made the details available on the internet, potentially endangering anyone contained within it. And it also includes passwords, meaning that some people’s accounts may now be compromised.
But despite the fact that 711 million addresses are contained within the dump – enough to give one each for every man, woman and child in Europe – it’s unlikely that each belongs to a real person. The true number of real people is likely to be much smaller, because the dump contains a range of fake and repeated addresses, said Troy Hunt, the security researcher who made the breach public.
All of the emails were collected by people running a spambot, which sends out emails en masse to people in the hope that they’ll be tricked into clicking onto them and giving up money. They were storing those addresses on an email server that wasn’t properly secured, meaning that other people could simply drop in and download them all.
As well as the addresses, the dump also contains millions of passwords for some of those same email addresses. But Mr Hunt, who runs the website Have I Been Pwned, said that they appeared to have been taken from other password dumps, like that from LinkedIn, meaning that most people were already exposed to those security problems.
No comments:
Post a Comment