IT Security Guru: 50 million iMesh records up for sale on dark web

June 15 — 50 million iMesh records up for sale on dark web

iMesh, a now defunct service that was once one of the biggest P2P sites in the US, reportedly suffered a data breach in 2013 which has now led to a huge database of 51 million users’ credentials going for sale on the dark web.

So it’s another big breach in the news, will we ever learn? The issue is that so much data has been left online by web users, giving hackers reams of intelligence to work off should they decide to target you. Lisa Baergen, Director of NuData Security, explained to us why this matters:

“While it’s good practise to change your usernames and passwords often, victims of a breach need to understand that every single piece of identifiable information exposed is important. Credentials from various breaches are sold in packages on the dark web used, and used to build a “Fullz”, or full online identify profile. These full profiles are sold for higher value than just pieces, because the more complete the information, the more fraud can (and likely will) take place.

“For example, if I’m a hacker and gain access to geographical data on John Smith from breach one e.g. LinkedIn, and bank account information from breach two, I can fill out a loan application or apply for a new credit card as John regularly would. OR more frighteningly, gain access to your work credentials, where the damage could be colossal.

For the complete article, go here.