CBS2-Header-Logo WFAN 1010WINS WCBS tiny WLNYLogo

News

Passwords Compromised For 2 Million Facebook, Other Online Accounts

Google, Yahoo, ADP.com Payroll Site Also Among Those Affected
View Comments
Someone surfs Facebook (Credit: Getty Images)

Someone surfs Facebook (Credit: Getty Images)

TRI-STATE NEWS HEADLINES

From our newsroom to your inbox weekday mornings at 9AM.
Sign Up

NEW YORK (CBSNewYork) — Passwords for some 2 million Facebook, Google and other accounts have been compromised and circulated online, according to security experts.

CNET reported Wednesday that Trustwave’s SpiderLabs has revealed the existence of a database containing 318,121 Facebook accounts, 21,708 Twitter accounts, 54,437 Google-based accounts, and 59,549 Yahoo accounts.

The database also contained approximately 320,000 stolen email account credentials, CNET reported. It also contained passwords to FTP accounts, remote desktop details, and secure shells.

The Netherlands seemed to be targeted most, with 97 percent of the credentials belonging to users in that country, CNET reported. Thailand, Germany, Singapore and Indonesia followed, with the United States coming in with less than 1 percent of the theft reports – a total of only 1,943.

But SpiderLabs said it may be more complicated than that.

‘A quick glance at the geo-location statistics above would make one think that this attack was a targeted attack on the Netherlands,” the site says. “Taking a closer look at the IP log files, however, revealed that most of the entries from NL IP range are in fact a single IP address that seems to have functioned as a gateway or reverse proxy between the infected machines and the Command-and-Control server, which resides in the Netherlands as well.”

The reverse proxy was likely used to prevent the command-and-control server from being discovered and shut down, SpiderLabs said. It also serves to make it difficult to determine what countries were actually targeted in the attack.

Facebook was the source of the greatest number of thefts, followed by Yahoo, accounts.google.com, Twitter, and google.com. Also in the top 10 were Russian-language social networking sites vk.com and odnoklassniki.ru, it is likely that many of the victims were Russian speakers, SpiderLabs reported.

SpiderLabs also noted that adp.com, a payroll service provider, was also in the top 10 among the theft sources.

“It is only natural to have such domains in the mix, but it is surprising to see it ranked #9 on the top domains list. Facebook accounts are a nice catch for cyber criminals, but payroll services accounts could actually have direct financial repercussions,” SpiderLabs said.

You May Also Be Interested In These Stories

(TM and © Copyright 2013 CBS Radio Inc. and its relevant subsidiaries. CBS RADIO and EYE Logo TM and Copyright 2013 CBS Broadcasting Inc. Used under license. All Rights Reserved. This material may not be published, broadcast, rewritten, or redistributed. The Associated Press contributed to this report.)

View Comments