Security Update: Hacked email accounts being sold online

More than 25 million Gmail and Yahoo accounts are being sold online, according to a new report.

According to HackRead, a hacker named SunTzu583 is asking for $450 for 21,800,969 Gmail accounts, 75% of which supposedly contain decrypted passwords.

SunTzu583 wants another $200 for a further 4,928,888 accounts, which allegedly contain email addresses and clear text passwords.

The cybercriminal is also selling 5,741,802 Yahoo accounts.

Executive PA Magazine’s Tim The Techno Bloke recommends changing your password even if you don’t believe your log-in details have been compromised. “You should change your passwords at least seasonally, or more often, for every online service you use. This ensures that if any hackers obtain your credentials, they will be useless as soon as you change your password.” Tim says hackers like SunTzu583 compile the details over weeks and months, so by the time such details go ‘on sale’, the credentials of users who change their passwords regularly are already out of date.

“For that reason, it’s also important to use different passwords for different services,” Tim said. “I know that can daunting to remember so many, but you want to be sure that if, for instance, your LinkedIn account is hacked, the crooks can’t also access your Facebook account with the same credentials.” Tim recommends inserting something into the middle of your password that relates to the site you are logging into, like “LI” for LinkedIn or “FB” for Facebook. That way you can use similar passwords, with a unique easy to remember differentiator added to each one.


Tim The Techno Bloke writes the Technofile and Office Solutions articles for Executive PA Magazine.