620 million accounts hacked after dark web data dump

Earlier this year it was revealed that 620 million accounts had been hacked after hundreds of millions of account details were stolen from online leaders Dubsmash, MyFitnessPal and MyHeritage and listed on Dream Market.

Learn more about one of the biggest cyber hacks of 2019 below.

Over 620 million accounts have been affected

The incident, which happened in February, stemmed from 16 separate data breaches and left victims’ details listed on the dark web marketplace ‘Dream Market’ alongside several other illicit items including drugs and weapons.

Details advertised varied, depending on the breach and the victims involved. Stolen data included email addresses, passwords, location and other personal details.

The seller of the details, who goes by the name of ‘gnosticplayers’, posted on the Dream Market website on 6 February:

“Feel free to message me here on Dream Market to tell me what kind of data you’re searching (crypto, gaming, or huge data sets), and I will list it here for sale right after.”

Password protection

Post-attack, Forbes reported that there may be some good news for those affected by the attack, as:

“the only data that was exposed or potentially compromised was usernames, email addresses, and encrypted passwords.

“More sensitive—and potentially more harmful—data like Social Security numbers or driver’s license numbers are not collected by MyFitnessPal, and the bank and credit card details are collected and processed separately.”

Password protection remains one of the most important elements around cyber security. Two of the five controls in the UK Government’s Cyber Essentials scheme address password security requirements directly.

Learn more about Cyber Essentials

If you would like to learn more about the controls recommended by the UK Government-approved Cyber Essentials scheme, visit the Cyber Essentials Online website.