Privacy News Mail.ru Forums Hack Compromises over 25 Million User Accounts

[Exterminator]

Data breach index service LeakedSource has added a slew of new hacked websites to its database, including over 25 million user records from three compromised Mail.ru communities.

The three communities are cfire.mail.ru (Cross Fire game), parapa.mail.ru (ParaPa Dance City game), and tanks.mail.ru (Ground War: Tank game).

All data dumps came from hacked vBulletin forums
All communities were running older vBulletin forum software that was compromised and allowed hackers access to the underlying data. LeakedSource obtained copies of this stolen data, which it added to its database.

The data dumps include usernames, emails, and passwords, along with other types of user details collected on each forum, based on the community's profile. None of the hacked communities stored passwords according to modern security standards. LeakedSource has started the password decryption process.

If you're wondering why is LeakedSource doing this, the company provides an API for businesses based on all the data breaches it indexes.

Companies can compare LeakedSource data against their own user databases and forcibly change passwords for accounts that might have had their password exposed via breaches on other websites.

27,449,088 user records compromised from all services
According to LeakedSource the cfire.mail.ru contained 12,881,787 user records, of which LeakedSource managed to crack the passwords for over 6.2 million accounts.

The parapa.mail.ru data dump contained the databases of both the user forum and the game database itself. There were details for 5,029,530 users in the main game database (over 3.2 million passwords already cracked) and data for 3,986,234 users in the forum database (over 2.9 million cracked).

In the tanks.mail.ru data dump, LeakedSource said it found details for 3,236,254 users but has not gotten around to cracking their passwords.

Besides these three dumps, the company also announced ten more breaches, all from vBulletin forums: expertlaw.com (190,938 users), ageofconan.com (433,662 users), anarchy-online.com (75,514 users), freeadvice.com (487,584 users), amesforum.com (109,135 users), longestjourney.com (11,951 users), ppcgeeks.com (490,004 users), thesecretworld.com (English forum - 227,956 users), thesecretworld.com (French forum - 143,935 users), and thesecretworld.com (German forum - 144,604 users).

LeakedSource: Expect more breaches
A LeakedSource spokesperson told Softpedia that all these websites were hacked and had their data stolen in August, with one in July. He also told Softpedia that they'll be adding further data dumps to their service from websites compromised via vBulletin installations.

The company also announced on its blog that it reached the 2 billion user records milestone with these recent dumps, and teased some upcoming breaches from the crypto-currency space.

Below is a list of the most common user passwords from the Mail.ru breach. "Not a single website used proper password storage, they all used some variation of MD5 with or without unique salts," LeakedSource said. "We thought the passwords used by the *.mail.ru communities were comical."