WASHINGTON, December 5 (RIA Novosti) – Two million stolen passwords for popular websites, including Facebook, Yahoo, Twitter and Google, have been discovered on a Russian language website by a US online security company.
Researchers for SpiderLabs, a division of Trustwave, found the stolen information while investigating a Netherlands-based server used by cyber criminals to control a huge network of computers that had been infected with malicious software.
They uncovered data from more than 326,000 Facebook accounts, 60,000 Google accounts, more than 59,000 Yahoo accounts and nearly 22,000 Twitter accounts, with victims based in countries around the world, SpiderLabs wrote on its blog.
SpiderLabs told Reuters on Thursday that it had reported its findings to the biggest firms among the more than 90,000 websites and Internet service providers affected.
Facebook and Twitter representatives told Reuters that they had already reset the stolen passwords. Google made no comment, and Yahoo representatives could not be reached, Reuters reported.
The discovery has highlighted the lax security habits of many Internet users. SpiderLabs said that the most commonly used password was “123456,” which was popular with more than 15,000 of the victims.
Other common passwords included “123456789,” “1234” and “password.” Security researcher Graham Cluly told the BBC on Wednesday that 30-40 percent of people use the same password for multiple sites.
"That's certainly something people shouldn't do," he said.
Cluly added that selecting predictable passwords, such as the examples highlighted by SpiderLabs, was “as much use as a chocolate teapot.”
