A group of hackers – the same claiming responsibility for the recent World of Warcraft DDoS – now claims to be in possession of a couple of million accounts from a wide range of social media, gaming and other online services, including 2K games, PlayStation Network and Windows Live.
2,131 PSN ID 1,473 Windows Live and 2,000 2K Game Studio accounts have been dumped in to a public Pastebin, with the group saying they have many, many, many more to share.
“Dear Internet,” the Pastebin document says, “The following is a very small portion of Lord Gaben and the rest of his crew’s glorious raids across the high seas of the Internet.”
“We have 800,000 from 2K and 500,000 credit card data. In all of our raids we have a total of around 7 million usernames and passwords,” an alleged spokesperson for the group says. “We have around 2 million Comcast accounts, 620,000 Twitter accounts, 1.2 million credentials belonging to the CIA domain, 200,000 Windows Live accounts, 3 million Facebook, 1.7 million EA origins accounts, etc.”
Even if yours aren’t the publically available details, it’s probably in your best interests to go about changing all of your online passwords. Again. Their goal, they claim, is to force companies to increase their online security, which in turn makes for better consumer service. While they had no intentions of leaking anything, they feel their hand has now been forced as people have failed to take them or their claims seriously in the past.
“You heard about Anonymous knocking the entire .Mil domain offline? Well that was us! You hear of RedHack launching DDoS attacks against Turkey’s government? That was us as well! You heard about LulzSec knocking gaming servers and websites offline? Well that was us too! And that was us who knocked Syria’s internet offline earlier this year. DerpTrolling really has many forms, most people only see the Gaming side of us! We can be very serious hackers.”
Last Updated: November 21, 2014
Fnuik
November 21, 2014 at 08:07
Bunch of fucknuts!
Lord Chaos
November 21, 2014 at 08:13
Agreed. Round them up and put them all in a burning building.
Brady miaau
November 21, 2014 at 08:21
surely you mean in a soon to be burning building, with mysteriously broken locks and windows?
Lord Chaos
November 21, 2014 at 08:23
Nope, flames should already be burning so they know what’s coming.
Brady miaau
November 21, 2014 at 08:24
So, a helicopter drop then?
Lord Chaos
November 21, 2014 at 08:25
Just high enough so they break their ankles.
I might need help. O_o
Kensei Seraph No DA:I spoilers
November 21, 2014 at 08:26
Yeah, it would be difficult to fly a helicopter and throw people out of it at the same time.
Lord Chaos
November 21, 2014 at 08:29
I meant the Psychological kind, the heli you can just tip and let them all fall out.
Alien Emperor Trevor
November 21, 2014 at 09:00
And a helicopter. To get to your appointment on time, obviously.
Kensei Seraph No DA:I spoilers
November 21, 2014 at 09:03
I refuse to dance around waving pompoms around for you.
Mossel
November 21, 2014 at 08:15
There is not a chance they hacked my password, it is literally a bunch of random numbers and Afrikaans swear words.
ToshZA
November 21, 2014 at 08:17
The number is the amount of times you’ve had to change your password, the rest is describing how you feel about it?
theseasonswither
November 21, 2014 at 08:28
^ This!
Mossel
November 21, 2014 at 08:32
The number is obviously my age multiplied by my best year at varsity and divided by the time it takes me to down a draft.
ToshZA
November 21, 2014 at 08:42
(58 * 1) / 58s
So “1joumasedinges”?
Mossel
November 21, 2014 at 08:48
It should be 0 for all practical reasons. Because any number divided by infinity should approach 0. (I take forever to down a draft)
ToshZA
November 21, 2014 at 08:55
hahahaha 😀
Alien Emperor Trevor
November 21, 2014 at 08:18
Because no one would guess “joumasekoeksusternommer1” :/
Captain JJ the fair
November 21, 2014 at 08:23
*123
Mossel
November 21, 2014 at 08:33
That is like the censored version…
Thats_how_I_Troll
November 21, 2014 at 11:02
Your password does not meet the requirements:
You need at least one Special Character in there… What we define as special, is for you to figure out. Also joumasekoeksuster1 has been used in the past year…. (Happy accident)
Exalted Overlord Geoffrey Tim
November 21, 2014 at 08:20
If they can access the database, and not use brute force. they don;t need to *guess*.
Mossel
November 21, 2014 at 08:31
That is true. My password is quite long so I’m covered with brute force. But if they hacked the database then all my efforts were in vain!
Frost
November 21, 2014 at 09:36
Not quite true. If they have access to the db all they should have is the encrypted passwords, hopefully encrypted in a way that can’t be reversed engineered yet. Also hopefully with a unique SALT value for each user added into the encryption so that they have to create a lookup-table for each user.
Look at this, this explains it pretty well, even if you aren’t a developer:
https://crackstation.net/hashing-security.htm
Double-O-Six and a half
November 21, 2014 at 11:04
You’re assuming that passwords are kept in an encrypted table… bad assumption. You’re also assuming that people don’t do stupid things like encrypt the database but then log all login attempts in the log files including user names and passwords and store them in clear text in an unencrypted, unprotected log file…!
Been in the Infosec game 23 years, seen some really wacky stuff, including people who encrypt databases but then leave the key on an unprotected admin share with the admin password being “pass123″… There’s unfortunately more than one way to skin the cat or in this case skim the data…
Frost
November 21, 2014 at 11:09
Not assuming anything. That’s why I used the words “should” and “hopefully” as often as possible 😛
The closest I get to assumptions is that I hope big companies like this will have decent security at best. Nothing is unbreakable, all you can ask for is that they make it as difficult as possible.
Double-O-Six and a half
November 21, 2014 at 11:44
True, although “Big Companies” are often the worst transgressors: security tends to be the poor cousin from Delmas or other places on the East Rand that nobody wants to talk about or to…
Brady miaau
November 21, 2014 at 08:20
Not so much, if they really wanted to. unfortunately. It does make it a bit more difficult, but remember they do not brute force your password. They attack either the comms to the system or the system itself.
Mossel
November 21, 2014 at 08:34
Yeah then I’m screwed. Dammit. Luckily we hove plenty of colourful words in Afrikaans! xD
Brady miaau
November 21, 2014 at 08:18
look, I am getting sick and tired of having to increase the number behind my initials every few weeks. Can these guys just cut it out for once? If we ask nicely? With a brick in a pillow?
Alien Emperor Trevor
November 21, 2014 at 08:20
Such high minded ideals. Thank you glorious freedom fighters for trying to make the internet a safer place from you. Wait… that… doesn’t… make… sense…
Brady miaau
November 21, 2014 at 08:23
Wayne Rooney was unhappy wanted to leave MU years ago, because he thought the club was not attracting enough top talent. He was then convinced to sign a contract extension. SO
Rooney unhappy at lack of club top talent
Rooney hears that Rooney, a top player, has been retained by the club
Rooney is happy to hear the club matches his own ambition
Captain JJ the fair
November 21, 2014 at 08:23
*goes off to change passwords*
Alien Emperor Trevor
November 21, 2014 at 08:29
Well the only one I have there is Origin, and what’s the worst they can do with that? Use Origin?
Captain JJ the fair
November 21, 2014 at 08:31
They can have my Origin, the password I have on that one is so easy too. I have none of my details stored on it anyway.
Mossel
November 21, 2014 at 08:35
Delete your mass effect saves?
Alien Emperor Trevor
November 21, 2014 at 08:42
They can try. Gamesave Manager FTW.
RinceThis
November 21, 2014 at 08:44
And you were talking about it just the other day 🙂
JHN
November 21, 2014 at 08:25
Dicks
Sir Rants A Lot is a DADDY
November 21, 2014 at 08:26
Eish. Do you know how many passwords I have? *Cries*
Captain JJ the fair
November 21, 2014 at 08:27
Same here.
theseasonswither
November 21, 2014 at 08:30
Keepass.
Enough said.
Sir Rants A Lot is a DADDY
November 21, 2014 at 08:31
Huh?
RinceThis
November 21, 2014 at 08:33
Isn’t it a programme where you can store all your passwords?
Mossel
November 21, 2014 at 08:40
No it’s a program where you store all your passwords.
Alien Emperor Trevor
November 21, 2014 at 08:43
That’s what I use. He needs to get with the programme.
Captain JJ the fair
November 21, 2014 at 08:44
I’ve never even heard of that programme.
Sir Rants A Lot is a DADDY
November 21, 2014 at 08:44
Lol ok ok I will download
Double-O-Six and a half
November 21, 2014 at 11:06
Note it actually means “Keep Pass” as in Keep Passwords not “Keep Ass” as in store a$$holes… We actually do have a Keep Ass in SA… it’s currently in Parliament…
Sir Rants A Lot is a DADDY
November 21, 2014 at 19:56
loooooooooooool
Mossel
November 21, 2014 at 08:35
I have a spreadsheet of all my passwords and usernames, which in turn is also password protected.
Captain JJ the fair
November 21, 2014 at 08:36
Rather write it out on a piece of paper. No one can write anymore these days anyway and it can’t be hacked ;P
Mossel
November 21, 2014 at 08:40
You mean to say I should physically scribble these random letters and numbers on a piece of paper? This is so crazy it might just work!
Captain JJ the fair
November 21, 2014 at 08:44
Just keep a keyboard nearby in case you forget what some of the letters look like.
RinceThis
November 21, 2014 at 08:44
HAHA!
Alien Emperor Trevor
November 21, 2014 at 08:42
I tried to write down something other than numbers a few days ago. It didn’t work out so well.
Cadis Etrama Di Umar
November 21, 2014 at 08:27
“Customers deserve better!…..Let’s hack all their accounts and steal their credit card details”….
“We need to change the gaming media, we need to more ethical journalism to happen…Lets send death threats to to prominent people in the industry and belittle women”
“We need to bring balance back to this sick society…Lets discriminate against women and put men back on their rightful spot on top of the hierarchy “
Alien Emperor Trevor
November 21, 2014 at 08:58
Haha oh you! Who’d do silly things like that? O_o
RinceThis
November 21, 2014 at 08:30
What a bunch of fucktards. Go get a job you insecure losers.
RinceThis
November 21, 2014 at 08:32
You’re doing this FOR us? http://www.reactiongifs.com/r/2013/01/confused.gif
Hammersteyn
November 21, 2014 at 08:38
http://lahwebdesigns.com/redesign/wp-content/uploads/12345.jpg
ToshZA
November 21, 2014 at 08:41
Oh just fast forward, you’ll be able to see if they use your password or not.
HvR
November 21, 2014 at 08:55
We are Anonymous!
We are Legion!
http://img-9gag-ftw.9cache.com/photo/aPv8mAP_460sv.mp4
HairyEwok
November 21, 2014 at 09:16
They’re speaking in their comments like it’s a Facking game. Those are sensitive files for fack sakes leave it be, I don’t come around stealing your sh!t now am I?
Mark Treloar
November 21, 2014 at 09:31
Cut their hands off
Purple_Dragon
November 21, 2014 at 09:32
Arseholes.
CAE9872
November 21, 2014 at 10:50
shit
Galbedir
November 21, 2014 at 13:12
I refuse to change my passwords again, I literally have about 6 now for different things, If I have to change them again I won’t remember any of them. Although I do enjoy the SMS authentication. This is the reason why I don’t save any of my credit card details on sites, even steam. I’d rather just type it in every time.
rollingmol
November 21, 2014 at 14:17
Darn I need to rename my dog again.
Ryanza
November 21, 2014 at 14:24
Ryanza will buy The Witcher 3 and play it for years without ever needing a fucking password.
Don’t support DRM.
ZODIAC
November 24, 2014 at 11:57
tell em 2 hack drones xpeciely MQ SERIES…… JUST GO BIG & AND MAKE DO THEIR WORK ……. I PLS