
October 11th, 2016

33 Million gamer accounts stolen


Summary

Gaming company Evony was hacked in June of 2016, exposing a total of 33,407,472 users from its main game database. Earlier this year, in August, we discovered that their forums had also been hacked for 938k users.


Each record contains a username, email address, password, and IP address, among other internal data fields.

Passwords

Passwords were stored using unsalted MD5 hashing, which means that at this point we have cracked most of them. Surprisingly, they also stored the passwords in unsalted SHA1 next to the MD5, which makes no sense. Anyway, here is the top list of most frequently used credentials:


Rank Password Frequency
1 123456 714,466
2 fuk19600 208,121
3 123456789 163,318
4 mynoob 119,365
5 password 96,151
6 111111 82,593
7 google 74,051
8 evildick 70,546
9 qwerty 55,872
10 1234567 52,902
11 123123 44,463
12 fuku00198 39,629
13 12345678 39,599
14 evony192 39,036
15 1234567890 32,297
16 abc123 29,538
17 000000 28,466
18 111555 27,749
19 654321 27,319
20 dragon 23,095
21 killer 21,948
22 again1 21,239
23 omg199 20,880
24 whatthezor 20,651
25 aaaaaa 20,574
26 football 19,424
27 blasted1 19,318
28 notthat 17,363
29 pokemon 17,318
30 asdfgh 17,079
31 wenoob 16,359
32 666666 16,313
33 evony1 16,096
34 liverpool 15,653
35 fuckyou 15,540
36 ihatethisgame 15,459
37 qazxsw 14,591
38 123321 13,760
39 987654321 13,214
40 monkey 13,174
41 derp12!@ 13,042
42 shadow 12,955
43 asdfghjkl 12,561
44 hahaha 12,557
45 qwertyuiop 12,175
46 112233 11,877
47 potato 11,874
48 121212 11,869
49 555555 11,669
50 suckme 11,632
51 soccer 11,525
52 password1 11,128
53 starwars 10,905
54 iloveyou 10,845
55 baseball 10,435
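
The storage weakness behind this table, as an added example (not code from the original post or from Evony): with unsalted MD5 and SHA1, every account using the same password stores the same value, so a frequency list falls out of the hash column alone, while a per-user salt with a slow KDF removes that grouping. The function names, the sample accounts and the scrypt parameters are assumptions made for the illustration.

```python
import hashlib
import hmac
import os
from collections import Counter

# Constructed sample accounts (not breach data); three users share one password.
USERS = {"alice": "123456", "bob": "123456", "carol": "123456",
         "dave": "correct horse battery"}

# scrypt cost parameters chosen for this example (about 16 MiB per hash).
SCRYPT = dict(n=2**14, r=8, p=1, dklen=32)

def legacy_record(password):
    """Scheme described in the post: unsalted MD5 with unsalted SHA1 beside it."""
    data = password.encode()
    return hashlib.md5(data).hexdigest(), hashlib.sha1(data).hexdigest()

def hardened_record(password):
    """Per-user random salt plus a memory-hard KDF."""
    salt = os.urandom(16)
    return salt, hashlib.scrypt(password.encode(), salt=salt, **SCRYPT)

def verify_hardened(password, record):
    """Recompute with the stored salt and compare in constant time."""
    salt, expected = record
    candidate = hashlib.scrypt(password.encode(), salt=salt, **SCRYPT)
    return hmac.compare_digest(candidate, expected)

def largest_cluster(stored_values):
    """Number of accounts in the biggest group sharing one stored value."""
    return Counter(stored_values).most_common(1)[0][1]

def compare_schemes(users=USERS):
    legacy = [legacy_record(p) for p in users.values()]
    hardened = [hardened_record(p) for p in users.values()]
    return {
        # Identical passwords collapse to one hash: reuse is visible uncracked.
        "legacy_md5_cluster": largest_cluster(md5 for md5, _ in legacy),
        # The second unsalted hash leaks the same grouping; it adds nothing.
        "legacy_sha1_cluster": largest_cluster(sha1 for _, sha1 in legacy),
        # Salted records are all distinct, even for the shared password.
        "hardened_cluster": largest_cluster(digest for _, digest in hardened),
    }

if __name__ == "__main__":
    print(compare_schemes())
```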

After the Last.fm breach, one of our favorite Twitter users, @SwiftOnSecurity, asked us to look for some interestingly long passwords, so for breaches with simple hashing algorithms we're going to add that to our blog posts. Here are some hand-picked long, interesting Evony passwords we managed to crack:


Password Length
destroyerspeedfluxquadrantinclusionexhaustrelease 49
derpderpderpderpderpderpderpderpderpderpderpderp 48
plseeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee 43
123456789qazwsxedcrfvtgbyhnujmik,ol.p;/[']\ 43
1324354657687980qazwsxedcrfvtgbyhnujmikolp 42
lamborghinimurcielagolp670-4superveloce 39
aleksandra123456789123456789123456789 37
thequickbrownfoxjumpedoverthelazydogs 37
kosova1234567891011121314151617181920 37
upupdowndownleftrightleftrightbastart 37
hari yang cerah untuk jiwa yang sepi 36
thequickbrownfoxjumpsoverthelazydog 35
supercalifragilisticexpialidocious 34
STAYOFFMYSHIT123321456654789987 31
osenhoremeupastorenadamefaltara 31
nailsforbreakfasttacksforsnacks 31
noonewilleverguessmypassword123 31
Concentration camps were set up 31
osenhoremeupastorenadamefaltara 31
transformers2revengeofthefallen 31
nailsforbreakfasttacksforsnacks 31
cristianmejorfutbolistadelmundo 31
playstation3callofdutyblackops 30
i kissed a girl and i liked it 30
puppiesandkittenshannahmontana 30
bobesponjapantalonescuadrados 29
ifthemudaintflyinyouainttryin 29
cristianjosiasmenesesgallardo 29
iloveedwardcullenfromtwilight 29
illkeepyoumydirtylittlesecret 29
hades lord of the under world 29
mycatsbreathsmellslikecatfood 29
youwillneverguessthispassword 29
needforspeedmostwantedgregory 29
somethingstrangforsomechange 28
manchesterunitedthereddevils 28
you dont mess with the zohan 28
honorificabilitudinitatibus 27
billie jean is not my lover 27
fuckyoubitcheseatshitanddie 27
toofasttolivetooyoungtodie 26
sir sir what are you doing 26

Emails

Simple table of top email domains


Rank Email Domain Frequency
1 @yahoo.com 7,464,078
2 @hotmail.com 6,493,345
3 @gmail.com 3,593,315
4 NONE 3,453,701
5 @aol.com 1,005,343
6 @hotmail.co.uk 667,075
7 @live.com 630,399
8 @msn.com 330,372
9 @ymail.com 253,433
10 @yahoo.co.uk 229,153
11 @comcast.net 219,959
12 @live.co.uk 170,255
13 @hotmail.fr 137,503
14 @aim.com 125,611
15 @rocketmail.com 121,204
16 @mail.com 110,115
17 @sbcglobal.net 106,120
18 @att.net 87,345
19 @yahoo.co.in 84,603
20 @yahoo.ca 83,417
21 @btinternet.com 81,772
22 @googlemail.com 81,200
23 @verizon.net 80,931
24 @live.nl 76,160
25 @mail.ru 75,362
26 @live.ca 74,381
27 @yahoo.fr 66,145
28 @yahoo.co.id 59,728
29 @cox.net 58,753
30 @true.com 57,712
31 @bigpond.com 56,659
32 @live.fr 54,896
33 @live.com.au 52,850
34 @abv.bg 50,536
35 @rediffmail.com 49,450
36 @yahoo.com.au 49,422
37 @bellsouth.net 49,082
38 @web.de 48,816
39 @seznam.cz 48,242
40 @naver.com 43,835
41 @sexy.com 42,638
42 @NOOB.com 41,187
43 @sky.com 39,185
44 @charter.net 38,389
45 @windowslive.com 36,441
46 @wp.pl 34,908
47 @ntlworld.com 32,284
48 @yo.com 31,413
49 @shaw.ca 30,084
50 @hotmail.it 29,848
51 @hotmail.de 29,126
52 @hotmail.es 28,466
53 @yahoo.com.vn 28,313
54 @gmx.de 28,297
55 @live.dk 28,164

More Databases

We are virtually up to our eyeballs in databases, so we'll be adding 18 others with this release. They are not processed yet, but we expect them to be finished by tomorrow. Here's the list and approximate hack date:

  • AvMagazine.it - 134,657 users - September 9th, 2016
  • AllGsmun.com - 134,859 users - September 15th, 2016
  • CraftsForum.co.uk - 143,870 users - September 2nd, 2016
  • CuttingEdgeMuscle.com - 90,338 users - September 11th, 2016
  • DVDrBase.info - 90,174 users - October 8th, 2013
  • Enworld.org - 284,586 users - September 14th, 2016
  • Babeunion.com - 61,115 users - September 10th, 2016
  • OldVersion.com - 81,344 users - September 1st, 2016
  • Pashnit.com - 41,181 users - January 16th, 2015
  • PatriotGuard.org - 343,249 users - September 10th, 2016
  • SkodaForum.com - 63,962 users - July 28th, 2016
  • SprintUsers.com - 422,681 users - September 16th, 2016
  • StoicStudio.com - 56,089 users - September 4th, 2016
  • TheHackerParadise.com - 39,563 users - September 2nd, 2016
  • AutoGeek.com - 74,576 users - August 21st, 2016
  • GEarthHacks.com - 242,786 users - August 21st, 2016
  • TitanQuest.com - 100,722 users - August 21st, 2016
  • Vbet.com - 1,164,546 users - August 19th, 2016

The next breach will contain about 40 million users once we're finished processing it, so stay tuned! We also have these 52m users we may add before then. https://www.riskbasedsecurity.com/2016/10/modern-business-solutions-stumbles-over-a-modern-business-problem-58m-records-dumped-from-an-unsecured-database/