What Leakbase Going Dark Means for the Data Breach Lifecycle

By on

“Big Company Hit with Data Breach, Millions of Users Impacted.” An all too familiar news title, for an all too familiar issue. It almost seems that each week we read about a new data breach in the news. We learn how it happened, what the hackers went after, and the ramifications. Those affected scan their credit, potentially chopping up compromised cards. But what happens after that?

A data breach is just that – data that has been breached. After they’ve attacked an organization, hackers have barrels of stolen information just sitting in their laptops. So, the next question for black hats is often – what do we do with this stolen data? Answer: turn it into profit.

That’s where sites like Leakbase come into play. These crooks can hand over this stolen data to Leakbase, which is a website that has indexed and sold access to billions of usernames and passwords swiped in some of the world’s largest data breaches. Leakbase began its operations in late 2016, advertising access to crucial data stolen from data breaches involving LinkedIn, Myspace, and Dropbox. That is until this week when the site suddenly went dark, discontinuing their service entirely.  In fact, after being discontinued, the domain was redirected to Troy Hunt’s https://haveibeenpwned.com/ site, which actually allows anyone to check to see if specific email addresses have been involved in a data breach. There’s speculation that Dutch law enforcement has been involved in this shutdown, but as of now it remains only that – speculation.

So, even though Leakbase is gone, the existence of the site and others like it serves as an important reminder that the impact of data breaches reverberates louder and longer than we may imagine. “Warehouses of stolen data extend the risk of breaches,” says Christian Beek, lead scientist and principal engineer at McAfee, who helped identify this trend in cybercrime in a 2017 Threats Predictions report.

Beek says the same thing goes for cloud data services, which can be mined for valuable information while also allowing criminals to change and hide their own identities. “The same cloud capabilities that help businesses can also house stolen data and help bad guys constantly cycle through their own information, making them harder to track.” Beek says this brings home the need for evolving security operations centers connected to a community. “If it’s you vs. them, it’s very hard. If it’s all of us vs. them, we have much better odds.”

To learn more about Leakbase and the ramifications of data breaches, be sure to follow us at @McAfee and @McAfee_Labs.

Leave a Comment

Similar articles

At the end of last year, a survey revealed that the most popular password was still “123456,” followed by “password.” These highly hackable choices are despite years of education around the importance of password security. So, what does this say about people who pick simple passwords? Most likely, they are shooting for a password that is ...
Read Blog
If you’re a gamer, you know how important virtual currency is. It allows you to purchase new costumes and weapons to personalize your avatar. But how does one go about gaining virtual currency? Players complete in-game challenges and are rewarded with coins to spend in their virtual world. These challenges can be pretty difficult and ...
Read Blog
Cryptocurrency mining is the way transactions are verified and added to the public ledger, a database of all the transactions made around a particular piece of cryptocurrency. Cryptocurrency miners compile all of these transactions into blocks and try to solve complicated mathematical problems to compete with other miners for bitcoins. To do this, miners need ...
Read Blog