Soldato
- Joined
- 1 May 2003
- Posts
- 11,103
Some 45 million logins for 939 popular sites including motorcycle.com, autoguide.com, and mothering.com have been stolen.
The method of attack and actor responsible is unknown, although many of the sites ran a vastly outdated and hackable versions of vBulletin.
Usernames, email addresses, IP information, and passwords are breached.
"Most of the records (over 40 million) were just MD5 with salting and this is insufficient."
Popular passwords included the regular shockers, along with a scattering of seemingly randomised strong codes. The second most popular password was '18atcskd2w' used by 91,103 accounts, with '3rjs1la7qe' coming in fourth spot used by 74,806 accounts.
More information can be found here - https://www.leakedsource.com/blog/verticalscope
The mind boggles how owners of these sites can use such weak hashes and not patch system vulnerabilities
I'm sure OcUK don't make these huge mistakes