Brian Krebs discovered Adobe source code on the hackers’ server and now it is discovered again by the Krebs that the Online Dating website Cupid Media files also stored on the same server.
Krebs also identified more about the files, he reported about one of the database which contains email addresses, passwords, names and date of birth. Information of more than 42 Million Cupid Media users over there. The main fact is passwords are in clear text.
Cupid Media was cyber-attacked in January 2013, in which company notified the affected users to change their passwords, but the issue was not publicized, reports Softpedia.
After the cyber attack, company has taken steps to improve their security, such as hashing, salting passwords and new rules also implemented to make sure that user set strong password, told company Managing Director, Andrew Bolton.
After files being provided by Krebs to company, it Double-checked the data to make sure that all of the affected users have reset their passwords.
During the Double-check process, it is found that most of the users use simple password combination to log into their accounts, 1.9 Million used the password “123456” and 1.2 Million used “111111.”
Some more passwords, which being used by most of the customers:
- iloveyou
- lovely
- qwerty
- password
- azerty
- loveme
- aaaaaa
- mylove
- iloveu
- zxcvbnm
The emails exposed are from the major companies like Gmail, yahoo and etc. However, 56 belong to Department of Homeland Security employees, 11, 508 of Employees of the US Military and 9,844 from the US government employees.
