Over 1 million Gmail and Yahoo accounts have been found for sale on the dark web in what seems like a never-ending blow to Yahoos security reputation. In what’s been a horrible few months for Yahoo as a number of breaches continuously unravel, both Yahoo and Gmail have received a shocking blow regarding internet security.
A report has noted that a seller that goes by the name of SunTzu583 is offering accounts both Gmail and Yahoo email accounts for sale that have been stolen from numerous source over the past few years. Among the compromised information are 100 000 yahoo accounts including usernames, email addresses and plain text passwords. As per HackRead, these were harvested from the 2012 Last FM hack. Info Security (2013 Adobe breach) has also reported on large numbers of Yahoo accounts for sale, in particular accounts that were stolen during the Adobe and Myspace hacks that occurred in 2013 and 2008 respectively. Again, usernames, email addresses and decrypted passwords were stolen.
What’s most freighting however, is that the amount of Gmail accounts that are currently available via the dark web, really does make Yahoo’s Security concerns rather insignificant. Currently there are over 1.2 million new Gmail accounts for sale, said to be from a variety of different breaches. Drop Box, Myspace, Tumbler and Adobe just to name a few.
After all we are talking about the company with over 70% of the worlds email market share. Unable to provide the security we need. And although it is the latter organisations that withholds Google sign in information and therefore the responsibility to keep that information confidential; Could it be that Googles ability to log into an outstanding amount of different apps through API isn’t the best thing after all. I mean you are basically entrusting the security of your client’s information with numerous different companies. And on the surface, ask yourself how safe that really seems? Safe enough? Apparently not.
Users that are worries about the security of their email account, particularly if you own a yahoo or gmail mail account, should change their password immediately. Make sure that all your passwords are unique and with pattern and add 2 factor authentication where it is possible.