Breach, Data Security, Vulnerability Management

Millions used ‘123456’ as a password in breach affecting 42 million

Nearly 42 million names, email addresses and passwords belonging to clients of dating website company Cupid Media were reportedly discovered on the same server where hackers stored information stolen from Adobe, PR Newswire, LexisNexis and the National White Collar Crime Center (NW3C).

The credentials were stored in plaintext and nearly two million of the accounts used ‘123456' as a password, according to technology journalist Brian Krebs, who, along with Alex Holden, CISO at Hold Security, has been uncovering the details of these breaches. More than 1.2 million clients used ‘111111' as a password and nearly 575,000 used ‘123456789.'

Security firm Stricture Consulting Group revealed this month that ‘123456' was the password used by about two million of the roughly 38 million Adobe customers impacted in a breach disclosed in October. That incident involved the loss of credit card data and product source code, as well.

“It has become exceedingly clear over the last several years that password reuse is one of the most significant threats to average internet users,” Patrick Thomas, a security consultant at mobile and cloud security company Neohapsis, told SCMagazine.com in a Wednesday email.

Krebs said he heard from Andrew Bolton, managing director with Cupid Media, and Bolton told him that the number of impacted members who are active is less than 42 million. Bolton told Krebs that accounts had been compromised in a January breach, but Krebs said he could not find information on that incident.

“Organizations should secure the data itself through automated encryption, as well as control administrator access to systems containing sensitive data by implementing fine-grained access controls and role-based security,” Eric Chiu, president of cloud infrastructure control company HyTrust, told SCMagazine.com in a Wednesday email.

Krebs said Bolton told him that Cupid Media will be improving security and taking other measures to prevent a similar incident from occurring, including implementation of hashed and salted passwords.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.