gschwendt
06-17-2011, 10:30 PM
Report: LulzSec hacking group releases thousands of account logins, includes Xbox Live and Facebook
Adding to the list of game-related companies it has attacked, LulzSec yesterday claimed to have stolen and leaked the login and password information for approximately 62,000 "internet accounts," reports the CBC. The stolen info is said to comprise logins/passwords from Facebook, Twitter, "dating sites," PayPal and, notoriously, Xbox Live. It is also claimed that the majority of accounts are from the United states, though several other countries are named in the report.
The account database info is still currently available through the LulzSec website (though we'd suggest not visiting) -- various folks on Twitter responding to the group claim to have done a variety of things with the information, from having a large pack of condoms delivered to an elderly woman, to one person saying they bilked a PayPal account for £250 ($404).
Earlier this week, the group attacked and successfully took down a handful of game industry websites, including EVE Online, Minecraft and The Escapist. All three sites quickly recovered and have been online since. Microsoft has yet to respond to request for comment on yesterday evening's alleged breach.
Update: Microsoft has released a statement, which states that Xbox Live was not compromised to the best of Microsoft's knowledge, and the logins/passwords were released at random, with people encouraged to try said information on services like Xbox Live (among others). "This group appears to have posted a list of thousands of potential email addresses and passwords, and encouraged users to try them across various online sites like Xbox Live in the event one of the users happens to use the same password and email address combination. At this time we do not have any evidence Xbox Live has been compromised. However we take the security of our service seriously and work on an ongoing basis to improve it against evolving threats."
----------
Best to use caution, if you haven't changed your passwords in six months, it's best that you change them now.
If you use a Google account, you can setup alerts that notify you when your name, email address, or other info is posted somewhere on the web. To do so, goto http://google.com/dashboard, then modify the Me on the Web settings to your liking.
With Anonymous and LulzSec hacking left & right, it's best to be as safe as possible.
Adding to the list of game-related companies it has attacked, LulzSec yesterday claimed to have stolen and leaked the login and password information for approximately 62,000 "internet accounts," reports the CBC. The stolen info is said to comprise logins/passwords from Facebook, Twitter, "dating sites," PayPal and, notoriously, Xbox Live. It is also claimed that the majority of accounts are from the United states, though several other countries are named in the report.
The account database info is still currently available through the LulzSec website (though we'd suggest not visiting) -- various folks on Twitter responding to the group claim to have done a variety of things with the information, from having a large pack of condoms delivered to an elderly woman, to one person saying they bilked a PayPal account for £250 ($404).
Earlier this week, the group attacked and successfully took down a handful of game industry websites, including EVE Online, Minecraft and The Escapist. All three sites quickly recovered and have been online since. Microsoft has yet to respond to request for comment on yesterday evening's alleged breach.
Update: Microsoft has released a statement, which states that Xbox Live was not compromised to the best of Microsoft's knowledge, and the logins/passwords were released at random, with people encouraged to try said information on services like Xbox Live (among others). "This group appears to have posted a list of thousands of potential email addresses and passwords, and encouraged users to try them across various online sites like Xbox Live in the event one of the users happens to use the same password and email address combination. At this time we do not have any evidence Xbox Live has been compromised. However we take the security of our service seriously and work on an ongoing basis to improve it against evolving threats."
----------
Best to use caution, if you haven't changed your passwords in six months, it's best that you change them now.
If you use a Google account, you can setup alerts that notify you when your name, email address, or other info is posted somewhere on the web. To do so, goto http://google.com/dashboard, then modify the Me on the Web settings to your liking.
With Anonymous and LulzSec hacking left & right, it's best to be as safe as possible.