While the Mathway breach in which 25 million email addresses and salted passwords were reportedly stolen didn’t hit the news until late last week, a recent statement by the company says that after receiving a tip, Mathway retained a leading data security firm to investigate and by May 15 confirmed that the company had been breached.
The malicious ShinyHunters was behind the Mathway breach, just one of a string of attacks credited to the group during the past few weeks, the most noted involving Microsoft’s GitHub repositories. Shiny Hunters may also be behind the recently reported breaches of Indonesian e-commerce giant Tokopedia and Indian e-learning platform Unacademy, among many others.
Shiny Hunters did acknowledge that the breach took place in January 2020, according to a ZDNet report.
According to Mathway’s statement, the passwords themselves were not acquired, but cryptographically protected versions of the passwords. Mathway claims there’s no cause for concern and simply advise subscribers to the popular math app to reset their passwords.
“We have no reason to believe that customer credit card or any further personal information was affected in this incident,” the statement read. “If customers had previously purchased a subscription with Mathway, that information is stored in a separate system with no evidence of access.”
Some security researchers are not so sure.
Zack Allen, director of threat intelligence at ZeroFOX, says a cryptographic hash serves as an industry standard for passwords, but the type of hash a company uses matters. A salt adds an additional layer of security on top of cryptographically hashed passwords; it helps protect against pre-computed hash attacks such as rainbow tables.
Allen’s bottom line: Mathway should have published what type of cryptographic hash they used, adding there are ones that should be used for passwords, such as PBKDF2, bcrypt and scrypt. He adds that according to a few floating dark web threads reselling Mathway, the storage mechanism for the passwords is PHPASS, which gets salted MD5, but that’s not 100% certain.
“And actually, MD5 is an outdated cryptographic hash and is rather terrible,” Allen says. “The salt makes it somewhat better… but it was designed to be extremely fast, which means that if I wanted to crack these passwords, I could do so on a rig that computes millions of MD5 hashes a second. With more secure cryptographic hashes, such as bcrypt or scrypt, it is much slower to compute the hash, but that is by design and doesn't matter to us as end users. PHPASS, if using MD5, is not desirable. If it uses bcrypt instead, then it’s desirable. Without more details from Mathway, I would hope they used bcrypt, and I would be worried if they used MD5.”
Fausto Oliveira, principal security architect at Acceptto, adds that the fact that hackers could access the database as early as January raises at least three substantial concerns.
First, Oliveira said the Mathway security systems failed to detect the breach and the hackers could eliminate traces of their presence. Second, Mathway’s user database was accessible to the hacker and the content was not encrypted correctly, otherwise they would have only gotten unreadable data. Finally, the website still depends on passwords, which are easily hackable.
“There’s absolutely no reason in this day and age to still rely on easy to compromise credentials such as passwords when there are so many alternatives that improve security and peace of mind,” Oliveria said. “The surface of attack was open for at least four months. Therefore, it could have also been exploited by other threat actors.”
Mathway also indicated that the incident was referred to law enforcement, which has launched an investigation.