Passwords for 15,000 Hungarian Gmail accounts leaked
15,000 Hungarian Gmail accounts and their passwords were leaked on an Estonian file-sharing website, origo.hu reports. When tested, the accounts and passwords proved correct, although the list contained previous passwords and passwords for different accounts as well. The details were stolen from the database of the Budapest Marathon Organisation (BSI).
The user who discovered the hack was a man whose Spotify account had been compromised. As a precaution for future incidents, he began to investigate how secure his other accounts were and he happened upon his email address on the Estonian website, where hackers were sharing account passwords, as well as tips and tricks on cracking various apps and websites. They were also trading the data; lists containing as many as 1 million account details were mentioned in possible deals.
It was not the Gmail accounts themselves that were hacked; the data was stolen from another website. This presents a serious issue for users who use the same name and password for several websites, since they all automatically become accessible for hackers.
According to origo.hu, users are not using secure passwords. Only 38% of them create strong passwords, and 1 out of 7 people use the same password for all of their accounts. 12% of them do not even attempt to make their passwords more complicated by using capital letters or special characters (@&#). The list on the Estonian website also contained many weak passwords, such as the name of the user, their birthday, or 12345 and the like.
According to Hungarian laws on abuse and misuse of personal information, identity fraud is punishable by prison sentence up to 2 years. This applies to criminals who commit the theft, as well as those who only use or share the information after it gets into their possession, from other sources.
In Hungary, if someone discovers a stolen database, it can be reported to the Hungarian National Authority for Data Protection and Freedom of Information (NAIH), or to the National Media and Infocommunications Authority (NMHH) when the issue is regarding a telecommunications company.
The Budapest Marathon Organisation confirmed the hack, as well as the number of leaked accounts. The attack hit the system that stores entries for races, and it most likely came from Asian IP addresses. The organisation is still investigating the degree of damage, but they do not store credit card and payment information. Upon registration, users are redirected to a secure platform to complete the transactions.
The online registration has been suspended until the security breach is fixed, and the organisation warned every runner whose information could have been involved: if they are using the same password on different accounts, they should change them immediately.
Copy editor: bm
Source: origo.hu
please make a donation here
Hot news
What happened today in Hungary? — 18 April, 2024
Probe launched into suspected foreign financing attempt in Hungary
VIDEO: What’s happening in Hungary? Food delivery rider on the motorway
ESG law strengthens the competitiveness of Hungarian businesses
SHOCKING: Hungary’s guest worker numbers exposed!
According to Minister Navracsics, this one policy will be priority of Hungarian presidency – UPDATED