Hackers Are Selling 8.3 Million 123RF User Records

Stock imagery website 123RF dot com suffered a cyber attack in mid-November 2020. According to reports, around 8.3 million user records were stolen by bad actors and have now been put up for sale.

123RF is one of the more popular stock imagery websites, primarily offering royalty free images for various publication purposes. The site has a fairly active and large userbase, with over 25 million monthly visitors. Its parent company, Inmagine Group, recently announced that bad actors had gained access to a 123RF server and stole customer information from it. The compromised database contained 8.3 million user records.

Hashed passwords may not be as secure as you think

The stolen data has already been put up for sale on hacker forums and contains personally identifiable information. Customer full names, e-mail addresses, IP addresses as well as Paypal e-mails and phone numbers are among the stolen data. Worst of all, the database also contained passwords that have been hashed using just MD5 encryption. The little good news included in the announcement was that no financial and payment information was contained among the user records.

It is well known that MD5 is not a particularly secure encryption method and there are vast MD5 databases that records can be compared against and decrypted.

It seems Inmagine Group also understand that, as they issued a warning to 123RF users to change their passwords on other services and platforms immediately, in case they used the same password across different logins.

If it's any consolation, the database that was illegally accessed was somewhat out of date, containing records that were last updated in late 2019.

Again, as with any other data breach, there is nothing the regular user can do after the leak has happened. The only thing that can keep you secure in similar situations is to never use the same password across different platforms to ensure that one compromised database will not hand your master password in the hands of cyber criminals.

By Zaib
November 20, 2020
Computer Security
English
November 20, 2020
Computer Security

Popular Posts

As Fears of the Coronavirus Pandemic Spread, So Does...

4 years ago

Microsoft Warns State-Backed Threat Actors Are Using AI in...

4 days ago

Trojan Al11 Malware Detection & Removal - An Essential...

11 months ago

Pinaview is a Fully-Featured Adware App

10 months ago

"Your iCloud is Being Hacked" and "Your iPhone has Been...

7 months ago

What is Lucky Ransomware?

7 months ago

Related Posts

Computer Security

Here's How a Hacker Can Sell 34 Million User Records on the Dark Web

The dark web has an underground marketplace that can be as active as some legitimate consumer-to-consumer e-commerce websites. Just a few days ago, a new infodump was put up for sale on one such dark web forum,... Read more

November 5, 2020
News

More Than 42 Million Dating App User Records Exposed by an Unprotected Database

People think that it's the job of vendors and service providers to protect their data from hackers. If we have to be especially pedantic and fastidious about the whole thing, we'd say that the wording isn't completely... Read more

June 3, 2019
News

218 Million Records Have Allegedly Been Stolen from Zynga

On September 12, mobile and social media game developer Zynga announced that it had suffered a data breach. Zynga, as some of you probably know, is the creator of hit games like FarmVille, Mafia Wars, and Zynga Poker.... Read more

September 30, 2019
English
Loading...

Cyclonis Backup Details & Terms

The Free Basic Cyclonis Backup plan gives you 2 GB of cloud storage space with full functionality! No credit card required. Need more storage space? Purchase a larger Cyclonis Backup plan today! To learn more about our policies and pricing, see Terms of Service, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Home

Products

Cyclonis Backup Cyclonis Password Manager Cyclonis World Time

Support

Help Files FAQs Downloads Inquiries & Support

Company

About Us Contact Us Report Abuse

Legal (Post Merger)

EnigmaSoft Limited (fka Cyclonis Limited)

Cyclonis Backup's Terms of Service Cyclonis Password Manager's EULA Cyclonis World Time's Terms of Service Privacy Policy Cookie Policy Special Discount Offer Terms Additional Terms & Conditions SpyHunter EULA RegHunter EULA EnigmaSoft Privacy Policy & Cookie Policy ESG Privacy Policy & Cookie Policy EnigmaSoft Discount Offer Terms ESG Discount Offer Terms

© 2017-2024 Cyclonis Ltd. CYCLONIS is a trademark of EnigmaSoft Limited (Cyclonis was merged into EnigmaSoft Limited effective November 25, 2023.) All rights reserved.

Registered Office EnigmaSoft Limited: 1 Castle Street, 3rd Floor, Dublin 2 D02 XD82, Ireland.
EnigmaSoft Limited, Private Company Limited by shares, Company Registration Number 597114.

Windows is a trademark of Microsoft, registered in the U.S. and other countries.
Mac, iPhone, iPad and App Store are trademarks of Apple Inc., registered in the U.S. and other countries.
iOS is a registered trademark of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
Android and Google Play are trademarks of Google LLC.