HackDig : Dig high-quality web security articles for hacker

Taringa Data Breach, over 28 Million users affected

2017-09-04 16:05

The data breach notification website LeakBase reported to the colleagues at THN the Taringa data breach, over 28 Million users’ data exposed.

Taringa, also known as ‘The Latin American Reddit’, is a popular social network used by netizens in Latin America to create and share thousands of posts every day on general interest topics.
The data breach notification website LeakBase reported to the colleagues at THN that Taringa suffered a data breach. LeakBase has obtained a copy of the stolen database containing details on 28,722,877 accounts, including usernames, hashed passwords, and hashed passwords. LeakBase has shared a dump of 4.5 million Taringa users with the peers at The Hacker News in order to check the data.

The hashing algorithm used to protect the passwords is the weak MD5 that is considered no more secure because it can be easily cracked, in fact, LeakBase researchers already cracked 93.79 percent (nearly 27 Million) of hashed passwords is a few days.

Experts at THN contacted users whom emails were included in the dump they received, they confirmed the authenticity of their credentials.

It seems that the data breach is dated back August, but the company did not publicly disclose it. The company Taringa only reported the data breach to users who logged in to the website.

Taringa Data Breach hacking

In response to the data breach, Taringa is sending a password reset link via an email to its users when they access their account with an old password.

LeakBase researchers successfully cracked 26,939,351 out of 28,722,877 passwords MD5-hashed. The archive contains more than 15 Million unique passwords. Below statistics related to the Taringa data breach:

The bad news is that also, in this case, Taringa users adopted easy to guess passwords such as 123456789, 123456, 1234567890, 000000, 12345, and 12345678. Most passwords were six characters long, the circumstance suggests the Taringa platform did not force users to choose strong passwords.

Taringa data breach

The most used email services are hotmail.com and gmail.com.

Taringa users are anyway recommended to change the password as soon as possible.

Further details on the LeakBase’s analysis are available at the following link

https://leakbase.pw/analysis/taringa/

Pierluigi Paganini

(Security Affairs – Taringa Data Breach, cracking)

The post Taringa Data Breach, over 28 Million users affected appeared first on Security Affairs.


Source: lmth.hcaerb-atad-agnirat/hcaerb-atad/40726/sserpdrow/oc.sriaffaytiruces

“Taringa Data Breach, over 28 Million users affected”0 Comments

Submit A Comment

Name:

Email:

Blog :

Verification Code:

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud