Blog /The Swarm Gets Scary

The Swarm Gets Scary

June 16, 2011 12:45 +0000  |  Hacking 8

In case you haven't heard, the hacker group LulzSec has just released a Great Big List of Emails along with their passwords. They haven't revealed where or how they got the list, rather they've released it simply to watch the chaos that ensues.

This is a very big deal, and your email address might be on the list, so I've re-posted it here (without the passwords of course), so you can go down the list, and search for your own address(es). If you find one on there, change the password immediately (if you can) and if you've ever conducted any financial business through that account (orders on Amazon, etc.) watch your credit card records for the coming months for suspicious activity.

When they were just hacking into and defacing websites or disabling company services, I was a big fan of LulzSec, but now that they're targeting innocents, they've lost my support and I can't be alone. Please, if you don't do so already, make sure that you follow these rules for passwords on your various Internet accounts:

  • Use a different password for each account.
  • Change that password (or the way in which you generate it) regularly.

On the one hand, they've done a lot of damage here, damage to people who really didn't deserve it. But at the very least, we can take this as a lesson on how to better protect ourselves online. It's only going to get more complicated from here on.

Comments

Stephen
16 Jun 2011, 1:38 p.m.  | 

luckily I'm not there, but then my security is insane right now.

1) my important passwords are crazy hash that nobody can remember
2) they are secured in lastpass that no requires a physical yubikey in order to unlock
3) my gmail has two-factor authentication, so even after the yubikey and lastpass, you need to enter a ever changing code generated by my cellphone

cool eh?

Daniel
16 Jun 2011, 1:42 p.m.  | 

Stephen that is awesome. I shall have to setup something similar.

Stephanie Hobson
16 Jun 2011, 5:28 p.m.  | 

From the title I expected this to be about the riots.

Daniel
16 Jun 2011, 5:38 p.m.  | 

Heh, I suppose it would have worked for both eh?

noreen
16 Jun 2011, 5:51 p.m.  | 

thanks for the list!

VyRy
22 Jun 2011, 9:57 a.m.  | 

I am working on a project at the moment that is mass mailing every single one of those emails with a warning that their name is on the list, how it was made public, and how they can protect themselves in the future.

I have been spending hours trying to format the list so remove garbage data. You have done the dirty work for me. Thank you so much. As we speak I have a quick dirty script running that is converting the list to INI format. Cheers.

-VyRy Vendetta ViRii

Daniel
22 Jun 2011, 10:03 a.m.  | 

Well I'm not sure why it took you hours to do it, the whole list was done in about 5min and a one-liner of sed. But I'm glad I could help.

VyRy
22 Jun 2011, 10:31 a.m.  | 

It took me hours because I was pre-occupied with coding, and laziness. My original plan was to send the password for each account with the email to let the users know that it isn't some kind of trick.

-VyRy Vendetta ViRii

Post a Comment

Markdown will work here, if you're into that sort of thing.