Another day, another data breach – This time Taringa, a Reddit-like social network website for Latin American users has suffered a massive data breach in which 28 million accounts of registered users have been stolen.
This was revealed when LeakBase, a data breach notification website got their hands on Taringa database. Upon scanning, it was concluded that in total, 28,722,877 records were taken from the site which includes usernames, email addresses, and their passwords hashed with MD5 algorithm cracking of which is considered as a piece of cake.
According to Taringa’s current on-site statistics, the platform has 28,512,139 registered users indicating that the unknown attackers stole a whopping 100% records from the site. But, it is unclear how LeakBase got the database and who was behind the feat.
Taringa will be inserted shortly and the analysis uploaded to our website, anyone may dm us with questions regarding the breach
— LeakBase (@LeakbasePW) September 4, 2017
Taringa has also confirmed the data breach. In a security notice, the website said that the incident took place on 1st August, but no phone numbers and Bitcoin wallets addresses were stolen neither were the site’s servers were accessed.
“We suffered an external attack that compromised the security of our databases and the code of Taringa,” the notice said.
The targeted users are now being forced to change their passwords while the site is urging users to change passwords for all other accounts.
In a conversation with The Hacker News, LeakBase claimed they have already cracked 26,939,351 (93.79%) of the stolen passwords out of which 15 million are unique. Among the data, the most used emails domains are based on @Hotmail and @Gmail while the most used passwords are 12345678, Taringa, Metallica, Musica, Carolina, and America, etc.
This is one of the biggest data breaches that took place in 2017. In May 2017, restaurant search engine giant Zomato suffered a massive breach in which 17 Million accounts were stolen and sold on the Dark Web. Last week, a security researcher discovered a combo list containing 711 Million email and passwords used by cyber criminals to spread dangerous banking trojan.
As for Taringa, if you have an account on the site change its passwords without further delay.