Password box  in Internet Browser on Computer Screen
kpatyhka/Shutterstock
By Jim Finkle

BOSTON -- Security experts have uncovered a trove of some 2 million stolen passwords to websites including Facebook, Google, Twitter and Yahoo from Internet users across the globe.

Researchers with Trustwave's SpiderLabs said they discovered the credentials while investigating a server in the Netherlands that cyber criminals use to control a massive network of compromised computers known as the "Pony botnet."

The company told Reuters on Wednesday that it has reported its findings to the largest of more than 90,000 websites and Internet service providers whose customers' credentials it had found on the server.

The data includes more than 326,000 Facebook (FB) accounts, some 60,000 Google (GOOG) accounts, more than 59,000 Yahoo (YHOO) accounts and nearly 22,000 Twitter (TWTR) accounts, according to SpiderLabs. Victims' were from the United States, Germany, Singapore and Thailand, among other countries.

Representatives for Facebook and Twitter said the companies have reset the passwords of affected users.
A Google spokeswoman declined comment. Yahoo representatives couldn't be reached.

SpiderLabs said it has contacted authorities in the Netherlands and asked them to take down the Pony botnet server.

An analysis posted on the SpiderLabs blog showed that the most-common password in the set was "123456," which was used in nearly 16,000 accounts. Other commonly used credentials included "password," "admin," "123" and "1."

Graham Cluley, an independent security expert, said it is extremely common for people to use such simple passwords and also re-use them on multiple accounts, even though they are extremely easy to crack.

"People are using very dumb passwords. They are totally useless," he said.


Increase your money and finance knowledge from home

How Financial Planners go Grocery Shopping

Learn to shop smart and save.

View Course »

Understanding Credit Scores

Credit scores matter -- learn how to improve your score.

View Course »

Add a Comment

*0 / 3000 Character Maximum

1 Comment

Filter by:
Frank The Great

duE U Walk wiTh YouR hEAD hIgH amEricAcA?
dUe U wAlK tAll oRe
nRa smALLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLL?
dUe U waLk High
sniFF
SNiFFFFFFFFFFF
SNiFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
wHen U wAlk OuT wiTh yOUR lEgIonS of SaTAn?
anD Use sAtAnS PNIs piStolE 2 HunT anD mUtilAtE aND torTurE
thE aNimAl CREatIonS oF chRisT?
anD hoW mANy tYmEs a Day Due U e jACk U lATE hIZ PNIS
on cHIldrEn anD anImAlS thRouGHouT amEricA?
U dUe NOT waLk With YouR hEad HigH amEricAca.
NOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOO
U WalK with
sAtAN
and
nO bEttEr IN thE unItEd stAtEs thAn
2 d fEnd aGainSt thE undefendable 4
thE nRa anD thE PIGGG hunTeR with
frAC kING AturknEE
sAtAn
whO nOW tAkES amerICacA’s Fresh water SuppliEs.
seLL oIL 2 bUy yer way Out oF a RecEssIon amERRYcAcA
in2 THIRSTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT 4 Any fresH waTer.
beWARE uS amBassa DooR
thE strEAm floWs aGaINST U &
wHerE thAt dOOr
IZ OPEN.
in 2011, 201x, 201
yoUr pEnnAntS mULTEE pliEs & multi pliEs
amEricAcA

December 05 2013 at 9:40 AM Report abuse rate up rate down Reply