1.4 billion user credentials found on the dark web

On December 5, 2017, security experts at identity threat intelligence company 4iQ uncovered a 41-gigabyte file floating around on the dark web. The file, which contained 1.4 billion user credentials in plaintext, is not a mere list but an interactive database with quick search functionality that also allows new breaches to be imported. Queries yield results within seconds.

The database is the largest cache of personal information found to date. It’s almost twice the size of the previous largest credential exposure, the Exploit.in list, which contained 797 million records.

According to a 4iQ blog post, finding passwords through this dark web database has never been easier. For example, inputting “admin,” “administrator,” and “root” yielded 226,631 admin user passwords in seconds. The data is alphabetical, making it easier to identify trends, such as how people set, reuse, and change passwords over time.

Anyone who uses the same password across their accounts, e.g. banking, email, and e-commerce, risks having all of those accounts compromised if a criminal hacker hijacks or takes over one of them. Furthermore, when updating passwords, a person should not follow predictable patterns. A random password generator should be used when appropriate.
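
An added example, not part of the original article or of 4iQ's tooling: a check that flags a new password as a predictable variant of the old one, together with a random generator built on Python's `secrets` module. The patterns it looks for (changed trailing digits or symbols, character substitutions), the substitution table, the 0.8 similarity threshold and the sample passwords are assumptions constructed for illustration.

```python
import secrets
import string
from difflib import SequenceMatcher

# Assumed substitution table: common "leet" characters folded back to letters.
LEET = str.maketrans("0134578@$!", "oleastbasi")


def base_form(password: str) -> str:
    """Reduce a password to its root: lowercase, trailing digits/symbols
    dropped, character substitutions undone."""
    core = password.lower().rstrip(string.digits + string.punctuation)
    return core.translate(LEET)


def is_predictable_change(old: str, new: str, threshold: float = 0.8) -> bool:
    """True when `new` looks derived from `old` (same root or near-identical)."""
    a, b = base_form(old), base_form(new)
    if not a or not b:
        # Nothing left after stripping (e.g. all digits): compare raw strings.
        a, b = old.lower(), new.lower()
    return a == b or SequenceMatcher(None, a, b).ratio() >= threshold


def generate_password(length: int = 20) -> str:
    """Random password drawn from the OS CSPRNG via the secrets module."""
    alphabet = string.ascii_letters + string.digits + string.punctuation
    return "".join(secrets.choice(alphabet) for _ in range(length))


def fresh_password(old: str, length: int = 20) -> str:
    """Generate a password that is not a predictable variant of `old`."""
    while True:
        candidate = generate_password(length)
        if not is_predictable_change(old, candidate):
            return candidate


if __name__ == "__main__":
    # Constructed sample rotations (old, new); none come from the dump.
    samples = [("Summer2017", "Summer2018!"), ("Password1", "P@ssw0rd2"),
               ("Summer2017", "correct-horse-battery")]
    for old, new in samples:
        verdict = "predictable" if is_predictable_change(old, new) else "ok"
        print(f"{old!r} -> {new!r}: {verdict}")
    print("replacement:", fresh_password("Summer2017"))
```

A check like this belongs in a password-change flow, where the old password is available in memory at the moment the user supplies it for verification.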

Dark web database is the most ambitious aggregation of user credentials to date

The database includes a file named “imported.log,” which contains data from 256 breaches, including data from the Exploit.in and Anti Public logs, and 133 more – possibly new – breaches. 4iQ asserts that approximately 14% of the passwords and usernames (about 200 million) were not previously available in “readily-usable” decrypted form.

Other database details:

    • Found in an underground forum
    • Total credentials (username and clear text password pairs): 1,400,553,869
    • File size: 41 GB
    • Last updated: November 29, 2017
    • Author(s) included Bitcoin and Dogecoin wallets for donations
    • A readme file explains search tools and insert scripts included in the dump

Top passwords by volume

Table courtesy of 4iQ

Learn how to protect your organization from cyber threats

The astonishing number of credentials exposed in this database is proof that cyber threats are increasingly pervasive. Your organization can take measures to protect the data it handles by implementing an information security management system (ISMS) that follows guidelines from a global standard such as ISO 27001.

An ISMS is a system of processes, documents, technology, and people that helps to manage, monitor, audit, and enhance your organization’s data security. A good ISMS helps you protect your data uniformly, consistently, and cost-effectively. ISO 27001’s supporting guidance document, ISO 27002, provides recommendations for managing account passwords to protect your data.
