- Apr 24, 2016
The private data and passwords of millions of Dutch people are leaked after a hack at the popular webshop Allekabels. According to experts, this is the largest data breach with passwords in the Netherlands ever. The stolen data is misused by criminals.
This is evident from research carried out by RTL Nieuws, which has seen and verified the stolen data. Allekabels' stolen database, containing the private data of some 3.6 million people, was put up for sale on a hacker forum at the end of January for a sum of 15,000 euros.
The ad was removed months ago, suggesting that the data was then sold. They are now traded among cyber criminals, and the data is actively misused to send, scam or hack people phishing messages.
Millions of passwords
In total, some 2.6 million unique email addresses are linked to names, home addresses, phone numbers, dates of birth and encrypted passwords. Those passwords still need to be cracked first, which is common after a data breach. With Allekabels, that's a piece of cake: a lot of the passwords are very weakly encrypted and can be cracked within seconds, according to experts.
The other million data is personal data of people who have ordered from Allekabels via a webshop such as Bol.com and Amazon. No email addresses or passwords were leaked from them.
It is the largest password data breach in the Netherlands ever, according to ethical hacker Rickey Gevers. He is the founder of Scattered Secrets, a website where you can look up in which data breaches your data occurs. "The Allekabels leak is extremely interesting and valuable to cybercriminals because of all the passwords and sensitive information," he said. In second place is prostitution site Hookers, of which some 250,000 passwords were leaked in 2019.