Sections

Hackers claim to have raided PSN, 2K, Origin, Windows Live mail

Group who DDOS'd Blizzard posts partial list of passwords & emails

DerpTrolling, the hacker collective which claimed responsibility for the DDOS attacks which crippled Blizzard's World of Warcraft servers over the weekend, has released a partial list of passwords and logins for various game-related services, including PSN and 2K accounts.

The group says that its list of obtained logins runs into the multiple millions, but has released a small 'proof' sample via Pastebin. Claiming to be acting in the interests of consumers, DerpTrolling has demanded that companies increase security in order to protect consumer information.

"We have 800,000 from 2K and 500,000 credit card data. In all of our raids we have a total of around 7 million usernames and passwords," a statement reported by CNET reads. "We have around 2 million Comcast accounts, 620,000 Twitter accounts, 1.2 million credentials belonging to the CIA domain, 200,000 Windows Live accounts, 3 million Facebook, 1.7 million EA origins accounts, etc."

The group has previously claimed responsibility for DDOS attacks on World of Tanks, League of Legends, EVE Online, Runescape and EA.com. The relevant companies have been contacted for confirmation, but changing passwords has been recommended.

Related stories

Sony launches State of Play direct marketing show

PlayStation maker's latest joins Nintendo Direct and Inside Xbox as platform-holder initiatives, first episode set for Monday

By Brendan Sinclair

NPD: Anthem was the best-selling game in February

Mass Effect 3 is the only EA BioWare game to sell more in its launch month

By Matthew Handrahan

Latest comments (10)

Yeah, posting hundreds of consumer's account details to a public Pastebin is definitely something a group acting 'in the interests of consumers' would do. But never mind, I'm sure none of us had anything better to do today than change all our passwords on everything again.
5Sign inorRegisterto rate and reply
Darren Adams Managing Director, ChaosTrend4 years ago
Not at all surprising with a moniker like DerpTrolling.

Unfortunately, all electronic data is vulnerable and this will happen again and again. Bottom line is that hackers are usually just as smart (if not more) than the people who make the security and you just have to hope they are wearing a white hat.

Apparently DerpTrolling is more in it for the kicks than to actually make any worthwhile contribution to the human race. Shame, all that power with no beneficial output.

Edited 1 times. Last edit by Darren Adams on 21st November 2014 1:02pm

0Sign inorRegisterto rate and reply
Tom Keresztes Programmer 4 years ago
Shame, all that power with no beneficial output.
Benefits : less blanket trust in big corporations.
1Sign inorRegisterto rate and reply
Show all comments (10)
Adam Campbell Game Manager, Azoomee4 years ago
I somewhat support the idea of people discovering exploits and reporting it to companies in order to help improve their systems. I feel uncomfortable when private data is then leaked and the justification becomes 'its in the best interest of consumers'.
9Sign inorRegisterto rate and reply
Tom Keresztes Programmer 4 years ago
I somewhat support the idea of people discovering exploits and reporting it to companies in order to help improve their systems. I feel uncomfortable when private data is then leaked and the justification becomes 'its in the best interest of consumers'
Companies don't publish this data as this would raise awareness for the issue (loopholes, flaws etc) . There are more 0-day exploits in most shipping systems that most people would believe. Its a common practice to only publish the vulnerability after a fix is available, but that does not mean that only nice guys are looking for these.

http://1337day.com/
0Sign inorRegisterto rate and reply
Companies don't publish this data
I think the data Adam is talking about in this case is the contents of that Pastebin, ie thousands of usernames and passwords of perfectly innocent people. Publishing that information helps nobody and just puts thousands of users at risk of having their accounts exploited.
2Sign inorRegisterto rate and reply
Klaus Preisinger Freelance Writing 4 years ago
If Derp truly believes in their statement that nothing was safe from them, then their claim of doing this so "that companies increase security in order to protect consumer information" is simply false. Even if companies act on this, Derp will break the security again and we are back to where we are now. The end result of this cycle can only be that companies stop throwing money at increased security that is not safe anyway, because Derp is right and nothing is safe from them. As a result, there will be less security, because why bother?

If Derp wants to protect consumers, then...., ....well..., ...there is no easy way to say this, but not posting consumer data is kind of the obvious solution in this scenario.

If Derp wants companies to improve their security, then there is no shortage of open positions to send your CV to and open source projects to join.
0Sign inorRegisterto rate and reply
Kingman Cheng Illustrator and Animator 4 years ago
I agree Adam, that's exactly where I stand too. There's 'helping companies out' (and thusly the consumers as well) and then there's just putting people at risk. I'm willing to bet they didn't leak their own details out in pastebin!
0Sign inorRegisterto rate and reply
Michael Revis Freelance Writer 4 years ago
Kind of amazing how these kinds of groups can be so smart, yet so dumb at the same time.
0Sign inorRegisterto rate and reply
Alfonso Sexto Lead Tester, Ubisoft Germany4 years ago
"We have 800,000 from 2K and 500,000 credit card data. In all of our raids we have a total of around 7 million usernames and passwords," a statement reported by CNET reads. "We have around 2 million Comcast accounts, 620,000 Twitter accounts, 1.2 million credentials belonging to the CIA domain, 200,000 Windows Live accounts, 3 million Facebook, 1.7 million EA origins accounts"

...And a very empty and sad life.
1Sign inorRegisterto rate and reply

Sign in to contribute

Need an account? Register now.