VK.com Data Breach Contains 100 Million Cleartext Passwords

It is sure that social networking is quite entertaining and fun. However, when huge data breaches happen like the one which we are going to inform you, then users have to pay heavy price - Reports are revealing that more than hundred million users of Vk.com, a social networking website of Russia, have been exposed and are being sold in the digital underworld after breaching of enormous data.

For our readers' information, Vk.com is founded by Pavel Durov, is rather a sister site of Facebook as it is very much motivated by the social network in features and layout. Vk.com is a very well-known social networking website in Russia as it offers almost similar services which Facebook offers like image uploads, profile creation, Like button, instant messaging and post options. Later on, Durov sold his stake of Vk and produced the messaging application telegram in its place. TechCrunch analysed and found that Vk.com has around 100 million users in 2014.

The analysis revealed: "Passwords were stored in plaintext with no hashing or plaintext. VK is not following the methods for storing passwords as proposed by Internet because hackers can now see all 100 million passwords used on the site".

The hacker, who operates under a nickname, peace_of_mind, is selling the information to an underground site for 1 bitcoin ($750).

Different reports suggest that the data is correct. Infosecurity-magazine.com posted on 6th June, 2016 stating that Vk.com has struck back by claiming that it has actually not been breached and so the subject data was stolen from individual account holders.
It is believed that all the MySpace, Linkedln and Tumblr breaches have occurred between 2012 and 2013 when some sites did not practice up-to-par Web security policies like salting passwords and hashing.

LeakedSource's analysis reveals that the most popular password in the dataset was "123456" with 709,067 appearances. Several other passwords were anticipated which include "123123", "qwerty" and "qwertyuiop."

LeakedSource says that the huge majority of email addresses use the "@mail.ru" domain with 41,132,524. Other Russian services dictate the list of top email domains.

» SPAMfighter News - 6/13/2016