LulzSec has struck again, posting a collection of 62,000 passwords and emails on file hosting site MediaFire.
Web users have already taken some of the details to log onto others' email services, as well as access popular internet services.
One user bragged about using the details to access a dating website and switch profile pictures to lewd images. Another took screenshots of a Facebook profile they had hacked.
Confusion surrounds where the collection of emails and passwords came from. LulzSec itself admitted it was not sure.
"These are random assortments from a collection, so don't ask which site they're from or how old they are, because we have no idea," LulzSec said in a blurb for the email list.
"We also can't confirm what percentage still work, but be creative or something."
However, chief research officer at F-Secure, Mikko Hypponen, hypothesised the email lists had been taken from Writerspace.com a website for authors and communities of readers.
"Why Writerspace.com? Well, the most common passwords include these: mystery, bookworm, reader, romance, library, booklover and Writerspace," Hypponen said on Twitter.
"There are probably other sources for the passwords too, but Writerspace pretty much has to be one of them."
LulzSec also used the micro-blogging service to show its pleasure at having caused yet more havoc.
"Hope everyone enjoys that list. Good to see some refreshing carnage. We'll be back in a few hours, folks," the group said.
Today's release from LulzSec offered another sign the group is not letting up in its barrage of attacks.
Earlier this week, the collective posted details it claimed it took from the US Senate. Yesterday, LulzSec said it attacked the US CIA website with "a very simple packet flood."
-
Enterprises face delicate balancing act with data center sustainability goalsNews High energy consumption, raw material requirements, and physical space constraints are holding back data center sustainability efforts, according to new research from Seagate.
-
Cleo attack victim list grows as Hertz confirms customer data stolenNews Hertz has confirmed it suffered a data breach as a result of the Cleo zero-day vulnerability in late 2024, with the car rental giant warning that customer data was stolen.
-
I love magic links – why aren’t more services using them?Opinion Using magic links instead of passwords is safe and easy but they’re still infuriatingly underused by businesses
-
Password management startup Passbolt secures $8 million to shake up credential securityNews Password management startup Passbolt has secured $8 million in funding as part of a Series A investment round.
-
LastPass breach comes back to haunt users as hackers steal $12 million in cryptocurrencyNews The hackers behind the LastPass breach are on a rampage two years after their initial attack
-
GitHub launches passkeys beta for passwordless authenticationNews Users can now opt-in to using passkeys, replacing their password and 2FA method
-
Microsoft SQL password-guessing attacks rising as hackers pivot from OneNote vectorsNews Database admins are advised to enforce better controls as attacks ending in ransomware are being observed
-
No, Microsoft SharePoint isn’t cracking users’ passwordsNews The discovery sparked concerns over potentially invasive antivirus scanning practices by Microsoft
-
Microsoft Authenticator mandates number matching to counter MFA fatigue attacksNews The added layer of complexity aims to keep social engineering at bay
-
As Google launches passwordless authentication for all, what are the business benefits of passkeys?News Google follows Apple in its latest shift to passwordless authentication, but what are the benefits?
