Security Researchers Uncover 2 Million Stolen Passwords
The login credentials provide access to Facebook, Twitter, Google, Yahoo and ADP, among other sites.
Specifically, the server, which was controlling an instance of the Pony botnet, held 1,580,000 Web site login credentials, 320,000 e-mail account credentials, 41,000 FTP account credentials, 3,000 Remote Desktop credentials, and 3,000 Secure Shell account credentials.
The researchers note that while Facebook credentials may be high-profile, the server also held almost 8,000 login credentials for payroll service ADP, which would likely have more direct financial repercussions for the victims than a breach of a social networking site.
A list of the 10 most common passwords found on the server indicates once again that most people aren't exercising caution in selecting a password -- "123456" was the most popular, followed by "123456789," "1234," and "password."
Photo courtesy of Shutterstock.