Data hoarding site represents the dark side of data breach monitoring

Data hoarding site represents the dark side of data breach monitoring

Data hoarding site represents the dark side of data breach monitoring

A site that's been warning the public about data breaches might actually be doing more harm than good.

Enter LeakedSource, a giant repository online that can potentially make hacking easier. Your email address and the associated Internet accounts -- including the passwords -- is probably in it.

In fact, the giant repository is made up of stolen databases taken from LinkedIn, Myspace, Dropbox, and thousands of other sites. It bills itself as a data breach monitoring site and for months now, it's been collecting details on hacks, both old and new, and alerting the media about them.

But the repository also features something that might be illegal: a search function that can look up all the stolen information. It’s also why LeakedSource is probably becoming a tool for novice hackers.

For US$2 a day, a subscriber at LeakedSource can enter an email address or username and find details on what internet accounts it was used to registered with. Not only that, LeakedSource will crack the associated passwords when it can.

Read Also:
Even big data devs make big data security gaffes

The search function has made it popular on HackForums.net, what one Reddit user described as a breeding ground for script kiddies. A number of threads at the forum mention how LeakedSource can be used for hacking.

One user, for instance, is offering an ebook for $8 on that very topic. Others are offering advice on how to use LeakedSource as a way to hack a social media account or to dox someone and dump the person’s files online.

“Ever wanted to be an elite hacker and show off?” wrote one user. “Here’s a small tutorial on how to break into a Youtuber’s account using a database looking up tool called: LeakedSource.”

On Monday, LeakedSource declined to answer questions about the legality of the site. The operators behind the service remain anonymous, but they say they don't condone any hacking.

However, as far back as October 2015, LeakedSource appears to have begun promoting itself on HackForums.net. When asked about this over email, LeakedSource didn't directly respond.

Read Also:
Going with the flow: The global battle for your personal data

Instead, the site's operators claim that all the information they store and index is already available on the internet.

"Before people start pointing fingers at us, anyone is free to download well over a billion records from the clear web," LeakedSource said in an email that included links to stolen databases taken from Myspace and LinkedIn.

The site has also said it's not responsible for any data breaches. It merely collects the stolen databases, often by searching through the Dark Web, or by receiving them from anonymous hackers, LeakedSource has said.

"Many of (the hackers) like what we do, some want to draw publicity to themselves and others don't want their 'enemies' to be able to profit off selling data," it said in an earlier email.

 



Chief Analytics Officer Europe

25
Apr
2017
Chief Analytics Officer Europe

15% off with code 7WDCAO17

Read Also:
Protect data on the cloud
Read Also:
Five Things So-Called “Business Intelligence” Vendors Don’t Talk About

Chief Analytics Officer Spring 2017

2
May
2017
Chief Analytics Officer Spring 2017

15% off with code MP15

Read Also:
Three Reasons Why Visual Management Boards Fail

Big Data and Analytics for Healthcare Philadelphia

17
May
2017
Big Data and Analytics for Healthcare Philadelphia

$200 off with code DATA200

Read Also:
7 Features Every Cloud Platform Needs To Have In 2017 And Beyond

SMX London

23
May
2017
SMX London

10% off with code 7WDATASMX

Read Also:
The evolution of social technologies

Data Science Congress 2017

5
Jun
2017
Data Science Congress 2017

20% off with code 7wdata_DSC2017

Read Also:
Evaluating the privacy properties of telephone metadata

Leave a Reply

Your email address will not be published. Required fields are marked *