000webhost hacked - 13 million passwords leaked

[Lt.Bitcoin]

Hello Guys!

I just saw this  news here:
http://www.forbes.com/sites/thomasbrewster/2015/10/28/000webhost-database-leak/
http://www.troyhunt.com/2015/10/breaches-traders-plain-text-passwords.html

000webhost has been recently hacked and 13 million plain passwords has been leaked.
If you want to check if you are victim or not of this attack, visit here: https://haveibeenpwned.com/

Such a bad news for the users of 000webhost.com
Lt.Bitcoin

[WWC-DEV]

If you want to check if you are victim or not of this attack, visit here: https://haveibeenpwned.com/

Is it safe to visit this site?

[mexxer-2]

If you want to check if you are victim or not of this attack, visit here: https://haveibeenpwned.com/

Is it safe to visit this site?

Backing from pcworld and other trusted sites. Seems safe to visit.

[WWC-DEV]

If you want to check if you are victim or not of this attack, visit here: https://haveibeenpwned.com/

Is it safe to visit this site?

Backing from pcworld and other trusted sites. Seems safe to visit.

Is that site owned by pcworld?

[mexxer-2]

Is that site owned by pcworld?

Nope, I meant its backed/supported/reported(in a good way) by PCworld and other sites like thebussinessinsider, digitaltrends etc. You can see it if you google it

[Spoetnik]

I heard similar a week ago about cheating date site Ashley Madison

[Faradey100]

They not publiced logins and passwords?

[kolloh]

Wow 13million user records and passwords stored in plain text. /facepalm

[WWC-DEV]

They not publiced logins and passwords?

I don't think the passwords are public yet.

[Daniel91]

This is old news already, happened 2 weeks ago.
WE all had to change passwords and now can use this hosting and edit our sites again, without problem.

[WWC-DEV]

This is old news already, happened 2 weeks ago.
WE all had to change passwords and now can use this hosting and edit our sites again, without problem.

There are some people who lost their accounts too.

[shorena]

The full dump is here[1] for now at least[2]. Very interesting top100 passwords, esp. #11 (outch) and the seemingly random one that was used >9000 times[4].

[1] https://000webhost.thecthulhu.com/
[2] https://twitter.com/CthulhuSec/status/666167981949526016
[3] https://twitter.com/asdizzle_/status/661323805214814209
[4] https://twitter.com/asdizzle_/status/665933815420989440

[Lauda]

Is it safe to visit this site?

That site is actually very good and I did not know that it existed. I just checked that I was "pwned". I didn't even know that I had accounts on some of these places! Time to start deleting. It's quite unfortunate that this happens on places that do not deserve to be hacked. This is why companies need to start hiring more (skilled) people to handle security, it should never be neglected.

[Lt.Bitcoin]

Is it safe to visit this site?

That site is actually very good and I did not know that it existed. I just checked that I was "pwned". I didn't even know that I had accounts on some of these places! Time to start deleting. It's quite unfortunate that this happens on places that do not deserve to be hacked. This is why companies need to start hiring more (skilled) people to handle security, it should never be neglected.

Yup, I got that information while i was searching for free web hosting and security is the main thing of any organization or anything. From your home to your phones, I think 000webhost had this intention to do that's why they stored the data in plain text instead of an encrypted string.

Lt.Bitcoin

[An0nym0us]

Fuck i had a account there....

[Parazyd]

I have a copy of the dump. All the passwords are plaintext
You see how dumb people actually are with their passwords...

What do I do with it now?

[Lauda]

I have a copy of the dump. All the passwords are plaintext
You see how dumb people actually are with their passwords...

What do I do with it now?

Well you can't generalize either. There are people that have created their accounts in the past for testing (or other reasons) and have not deleted them. However, you are also right. I have quickly looked through that list as well.

[Parazyd]

I have a copy of the dump. All the passwords are plaintext
You see how dumb people actually are with their passwords...

What do I do with it now?

Well you can't generalize either. There are people that have created their accounts in the past for testing (or other reasons) and have not deleted them. However, you are also right. I have quickly looked through that list as well.

Did you find mine? A fucking 6char password... Damn I was an idiot back then. I think it was 2010. or something.

[Spoetnik]

I have a copy of the dump. All the passwords are plaintext
You see how dumb people actually are with their passwords...

What do I do with it now?

brag to your friends about having them LOL

edit:
Ahh i see the pwned site now.
Yeah i have been there before with another hacker story i seen at Neowin.net News site.
It's legit i think.
And no i was not on the list of pwned guys but i will see again now hahhaha
i thought it was just for that one incident long ago.. not multiple hacks etc.

edit:
Nope.
I checked all the accounts i use ..i was not on any list 
I didn't think i would be..

[Parazyd]

I have a copy of the dump. All the passwords are plaintext
You see how dumb people actually are with their passwords...

What do I do with it now?

brag to your friends about having them LOL

edit:
Ahh i see the pwned site now.
Yeah i have been there before with another hacker story i seen at Neowin.net News site.
It's legit i think.
And no i was not on the list of pwned guys but i will see again now hahhaha
i thought it was just for that one incident long ago.. not multiple hacks etc.

edit:
Nope.
I checked all the accounts i use ..i was not on any list  
I didn't think i would be..

It's a legit dump nevertheless... I found my account inside