Anonymous hack showed password re-use becoming endemic
2011-02-11 09:50

http://www.theregister.co.uk/2011/02/10/password_re_use_study/

By John Leyden
The Register
10th February 2011

Computer scientists have discovered that password re-use is far more prevalent than previously thought after comparing a sample of matched passwords that spilled out as a result of the revenge attack by Anonymous against security researchers HBGary with the earlier Gawker password breach sample set.

Hackers affiliated with Anonymous used one of the stolen credentials, and some social engineering trickery, to gain root access to a site established by HBGary, rootkit.com. The subsequent release of 81,000 hashed passwords from rootkit.com’s SQL databases has allowed researchers to compare the dataset with the much larger sample of hashed passwords from the earlier Gawker tech blog breach. Both HBGary and rootkit.com were hit by hackers affiliated with Anonymous.

By comparing passwords associated with email addresses registered at both Gawker and rootkit.com, computer scientists at Cambridge have been able to find out whether these users picked the same passwords for both sites.

A total of 522 email addresses were registered at both HBGary and rootkit.com. Eliminating throwaway and dubious addresses whittled the sample down to 456 pairs.

[...]

