Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Hackers leak 13,000 Passwords Of Amazon, Walmart and Brazzers Users


  • Please log in to reply
24 replies to this topic

#1 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 13,271 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:04:42 PM

Posted 27 December 2014 - 04:03 PM

 

Hackers claiming affiliation with the hacktivist group "Anonymous" have allegedly leaked more than 13,000 username and password combinations for some of the worlds most popular websites, including Amazon, Xbox Live and Playstation Network.
 
The stolen personal information was released in a massive text document posted to the Internet file-sharing website Ghostbin (now deleted), on Friday. The document contains a huge number of usernames and passwords, along with credit card numbers and expiration dates.
 
The news came just a day after the hacker group Lizard Squad compromised Sony’s Playstation and Microsoft’s Xbox Live gaming networks on Christmas day, which is estimated to have affected Xbox's 48 million subscribers and PlayStation's 110 million users, making it a total of more than 150 million users worldwide.
 
 

However, data breach of 13,000 users is not the biggest data breach we've ever seen. When millions of passwords are used for sites around the globe, chances are very minor that our’s among those compromised. But still it’s important to note as these accounts come from a variety of online sources and among those, some are really very popular.

Hackers leak 13,000 Passwords Of Amazon, Walmart and Brazzers Users

 

Just to be on the safe side, users are advised to change their passwords if they have accounts on these  websites.


Arch Linux .
 
 Come join the fun, chat to Bleeping computer members and staff in real time on Discord.
 
The BleepingComputer Official Discord Chat Server!


BC AdBot (Login to Remove)

 


#2 Bleky

Bleky

  • Members
  • 185 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Somewhere on internet
  • Local time:08:42 AM

Posted 27 December 2014 - 04:19 PM

Passwords changed,do you know can they purchase anything without the Security number and my other data?

#3 DeimosChaos

DeimosChaos

  • BC Advisor
  • 1,420 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:United States, Delaware
  • Local time:02:42 AM

Posted 27 December 2014 - 04:45 PM

Anonymous are the most annoying bunch of morons ever. I am kind of sad the Jester will no longer be in the social realm. He was the only one that could get under their skin.


Edited by DeimosChaos, 27 December 2014 - 04:45 PM.

OS - Ubuntu 14.04/16.04 & Windows 10
Custom Desktop PC / Lenovo Y580 / Sager NP8258 / Dell XPS 13 (9350)
_____________________________________________________
Bachelor of Science in Computing Security from Drexel University
Security +


#4 Bleky

Bleky

  • Members
  • 185 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Somewhere on internet
  • Local time:08:42 AM

Posted 27 December 2014 - 04:59 PM

Wait! Maybe they have the passwords,but not the Credit Card info if they didn't log in the accounts

#5 Crazy Cat

Crazy Cat

  • Members
  • 808 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Lunatic Asylum
  • Local time:06:42 PM

Posted 27 December 2014 - 06:08 PM

This hacker group Lizard Squad, have been attacking the TOR network also, and testing their "Tor 0day"

We are testing our new Tor 0day.

http://www.pcworld.com/article/2863752/hackers-target-tor-as-playstation-disruption-continues.html
 

Two things are infinite: the universe and human stupidity; and I'm not sure about the universe. ― Albert Einstein ― Insanity is doing the same thing, over and over again, but expecting different results.

 

InternetDefenseLeague-footer-badge.png


#6 frankp316

frankp316

  • Members
  • 2,677 posts
  • OFFLINE
  •  
  • Local time:01:42 AM

Posted 27 December 2014 - 06:55 PM

Here are more details from The Daily Dot. It looks like the breach was mainly of X Box and Playstation users which explains why there were service problems at both earlier this week.

 

 

 

 

http://www.dailydot.com/politics/anonymous-lulzxmas-passwords-credit-cards/?tw=dd



#7 Stolen

Stolen

  • Members
  • 669 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:01:42 AM

Posted 27 December 2014 - 10:18 PM

"Verifying leaks uncovers "fake leaks" from databreaches.net whereby apparently an analysis and comparson was done with the ghostbin and found some of the leaks were the same as other previous leaks which date back to as early as 2011 as well as the Amazon leaks actually being netflix and so on. 

 

I am posting this link for information only as I do not have the expertise to evaluate or confirm the facts. 

 

Is anyone able to actually locate the Ghostbin that was taken down? 



#8 rp88

rp88

  • Members
  • 3,024 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:06:42 AM

Posted 27 December 2014 - 10:25 PM

"Passwords changed,do you know can they purchase anything without the Security number and my other data?"

Amazon is not too great on this, let me explain. On amazon you just enter the single long number on the front of your card to pay (it never asks for the 3 digit security code on the back) and amazon by default saves a "new payment method" when you use a card. Most online purchasing requires the 3 digit code to be entered but amazon has done away with this, perhaps something to do with "one click" ordering. Unless you have an order which you have made but are waiting on delivery then i would suggest logging into your account and deleting the list of cards (and other payment methods) until you next want to buy something, then you can just type in the number again (and it will save itself again and you may wish to delete it again once the next order arrives).



Do we yet now where the leak came from:
Was it by the crackers breaking into a huge database but only getting 13000 results out before they were stopped?
Was it from keylogging on 13000 victim's machines?
Was it from some malicious wifi hotspots set up in public places which snooped on the traffic of 13000 people?
Was it from deceiving 13000 people by encouraging them to log into something that looked like amazon/xbox network/playstation network but was actually a fake copy?
Was it from bruteforcing of passwords for those who had been usng single dictionary words as a password?
Was it by setting up a page called "have you details been hacked" encouraging users to enter details and check and actually collecting those details rather than comparing them to a list of hacked accounts, a list which they were writing from the data that users input?

Edited by rp88, 27 December 2014 - 10:25 PM.

Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

#9 Bleky

Bleky

  • Members
  • 185 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Somewhere on internet
  • Local time:08:42 AM

Posted 28 December 2014 - 04:21 AM

Well the bank will alert me if there is suspicious activity

#10 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:07:42 AM

Posted 28 December 2014 - 05:02 AM

I have an account on Amazon, but only to look around and put things on my wishlist. No credit card info there (and I don't have one either).

Should I be worried?

#11 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,492 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:42 AM

Posted 28 December 2014 - 08:48 AM

Folks should be changing their passwords on a regular basis as a best practice....not waiting until a site is hacked.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#12 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:07:42 AM

Posted 28 December 2014 - 09:37 AM

Folks should be changing their passwords on a regular basis as a best practice....not waiting until a site is hacked.


It's not that simple, quietman... I think my mom has been using the same password for her mailbox from the moment she knows how to work a computer.

#13 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,492 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:42 AM

Posted 28 December 2014 - 09:42 AM

Then don't you think you should be educating your Mom about this? There are plenty of articles you can recommend she read in regards to this without making her feel like she is being lectured.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#14 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:07:42 AM

Posted 28 December 2014 - 09:55 AM

Then don't you think you should be educating your Mom about this? There are plenty of articles you can recommend she read in regards to this without making her feel like she is being lectured.


I'll try sending her the Bleeping Computer articles, although I'm not sure if she's going to read it.

#15 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,492 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:42 AM

Posted 28 December 2014 - 09:57 AM

All you can do is try...the rest is up to her.

Here are a couple articles.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users