There are currently 4,383,487,731 accounts in our database.
There are currently 4,383,487,731 accounts in our database.
October 11th, 2016
Gaming company Evony was hacked for a total of 33,407,472 users from its main game database in June of 2016. Earlier this year in August we discovered their forums were also hacked for 938k users.
Each record contains a username, email address, password, and ip address among other internal data fields.
Passwords were stored using unsalted MD5 hashing which means at this point we have cracked most of them. Surprisingly they also stored the passwords in unsalted SHA1 next to the MD5 which makes no sense but anyway, here is the top list of most frequently used credentials:
| Rank | Password | Frequency |
|---|---|---|
| 1 | 123456 | 714,466 |
| 2 | fuk19600 | 208,121 |
| 3 | 123456789 | 163,318 |
| 4 | mynoob | 119,365 |
| 5 | password | 96,151 |
| 6 | 111111 | 82,593 |
| 7 | 74,051 | |
| 8 | evildick | 70,546 |
| 9 | qwerty | 55,872 |
| 10 | 1234567 | 52,902 |
| 11 | 123123 | 44,463 |
| 12 | fuku00198 | 39,629 |
| 13 | 12345678 | 39,599 |
| 14 | evony192 | 39,036 |
| 15 | 1234567890 | 32,297 |
| 16 | abc123 | 29,538 |
| 17 | 000000 | 28,466 |
| 18 | 111555 | 27,749 |
| 19 | 654321 | 27,319 |
| 20 | dragon | 23,095 |
| 21 | killer | 21,948 |
| 22 | again1 | 21,239 |
| 23 | omg199 | 20,880 |
| 24 | whatthezor | 20,651 |
| 25 | aaaaaa | 20,574 |
| 26 | football | 19,424 |
| 27 | blasted1 | 19,318 |
| 28 | notthat | 17,363 |
| 29 | pokemon | 17,318 |
| 30 | asdfgh | 17,079 |
| 31 | wenoob | 16,359 |
| 32 | 666666 | 16,313 |
| 33 | evony1 | 16,096 |
| 34 | liverpool | 15,653 |
| 35 | fuckyou | 15,540 |
| 36 | ihatethisgame | 15,459 |
| 37 | qazxsw | 14,591 |
| 38 | 123321 | 13,760 |
| 39 | 987654321 | 13,214 |
| 40 | monkey | 13,174 |
| 41 | [email protected] | 13,042 |
| 42 | shadow | 12,955 |
| 43 | asdfghjkl | 12,561 |
| 44 | hahaha | 12,557 |
| 45 | qwertyuiop | 12,175 |
| 46 | 112233 | 11,877 |
| 47 | potato | 11,874 |
| 48 | 121212 | 11,869 |
| 49 | 555555 | 11,669 |
| 50 | suckme | 11,632 |
| 51 | soccer | 11,525 |
| 52 | password1 | 11,128 |
| 53 | starwars | 10,905 |
| 54 | iloveyou | 10,845 |
| 55 | baseball | 10,435 |
After the Last.fm breach, one of our favorite Twitter users @SwiftOnSecurity asked us to look for some interestingly long passwords so for breaches with simple hashing algorithms we're going to add that to our blog posts. Here are some hand picked long, interesting Evony passwords we managed to crack:
| Password | Length |
|---|---|
| destroyerspeedfluxquadrantinclusionexhaustrelease | 49 |
| derpderpderpderpderpderpderpderpderpderpderpderp | 48 |
| plseeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee | 43 |
| 123456789qazwsxedcrfvtgbyhnujmik,ol.p;/[']\ | 43 |
| 1324354657687980qazwsxedcrfvtgbyhnujmikolp | 42 |
| lamborghinimurcielagolp670-4superveloce | 39 |
| aleksandra123456789123456789123456789 | 37 |
| thequickbrownfoxjumpedoverthelazydogs | 37 |
| kosova1234567891011121314151617181920 | 37 |
| upupdowndownleftrightleftrightbastart | 37 |
| hari yang cerah untuk jiwa yang sepi | 36 |
| thequickbrownfoxjumpsoverthelazydog | 35 |
| supercalifragilisticexpialidocious | 34 |
| STAYOFFMYSHIT123321456654789987 | 31 |
| osenhoremeupastorenadamefaltara | 31 |
| nailsforbreakfasttacksforsnacks | 31 |
| noonewilleverguessmypassword123 | 31 |
| Concentration camps were set up | 31 |
| osenhoremeupastorenadamefaltara | 31 |
| transformers2revengeofthefallen | 31 |
| nailsforbreakfasttacksforsnacks | 31 |
| cristianmejorfutbolistadelmundo | 31 |
| playstation3callofdutyblackops | 30 |
| i kissed a girl and i liked it | 30 |
| puppiesandkittenshannahmontana | 30 |
| bobesponjapantalonescuadrados | 29 |
| ifthemudaintflyinyouainttryin | 29 |
| cristianjosiasmenesesgallardo | 29 |
| iloveedwardcullenfromtwilight | 29 |
| illkeepyoumydirtylittlesecret | 29 |
| hades lord of the under world | 29 |
| mycatsbreathsmellslikecatfood | 29 |
| youwillneverguessthispassword | 29 |
| needforspeedmostwantedgregory | 29 |
| somethingstrangforsomechange | 28 |
| manchesterunitedthereddevils | 28 |
| you dont mess with the zohan | 28 |
| honorificabilitudinitatibus | 27 |
| billie jean is not my lover | 27 |
| fuckyoubitcheseatshitanddie | 27 |
| toofasttolivetooyoungtodie | 26 |
| sir sir what are you doing | 26 |
Simple table of top email domains
| Rank | Email Domain | Frequency |
|---|---|---|
| 1 | @yahoo.com | 7,464,078 |
| 2 | @hotmail.com | 6,493,345 |
| 3 | @gmail.com | 3,593,315 |
| 4 | NONE | 3,453,701 |
| 5 | @aol.com | 1,005,343 |
| 6 | @hotmail.co.uk | 667,075 |
| 7 | @live.com | 630,399 |
| 8 | @msn.com | 330,372 |
| 9 | @ymail.com | 253,433 |
| 10 | @yahoo.co.uk | 229,153 |
| 11 | @comcast.net | 219,959 |
| 12 | @live.co.uk | 170,255 |
| 13 | @hotmail.fr | 137,503 |
| 14 | @aim.com | 125,611 |
| 15 | @rocketmail.com | 121,204 |
| 16 | @mail.com | 110,115 |
| 17 | @sbcglobal.net | 106,120 |
| 18 | @att.net | 87,345 |
| 19 | @yahoo.co.in | 84,603 |
| 20 | @yahoo.ca | 83,417 |
| 21 | @btinternet.com | 81,772 |
| 22 | @googlemail.com | 81,200 |
| 23 | @verizon.net | 80,931 |
| 24 | @live.nl | 76,160 |
| 25 | @mail.ru | 75,362 |
| 26 | @live.ca | 74,381 |
| 27 | @yahoo.fr | 66,145 |
| 28 | @yahoo.co.id | 59,728 |
| 29 | @cox.net | 58,753 |
| 30 | @true.com | 57,712 |
| 31 | @bigpond.com | 56,659 |
| 32 | @live.fr | 54,896 |
| 33 | @live.com.au | 52,850 |
| 34 | @abv.bg | 50,536 |
| 35 | @rediffmail.com | 49,450 |
| 36 | @yahoo.com.au | 49,422 |
| 37 | @bellsouth.net | 49,082 |
| 38 | @web.de | 48,816 |
| 39 | @seznam.cz | 48,242 |
| 40 | @naver.com | 43,835 |
| 41 | @sexy.com | 42,638 |
| 42 | @NOOB.com | 41,187 |
| 43 | @sky.com | 39,185 |
| 44 | @charter.net | 38,389 |
| 45 | @windowslive.com | 36,441 |
| 46 | @wp.pl | 34,908 |
| 47 | @ntlworld.com | 32,284 |
| 48 | @yo.com | 31,413 |
| 49 | @shaw.ca | 30,084 |
| 50 | @hotmail.it | 29,848 |
| 51 | @hotmail.de | 29,126 |
| 52 | @hotmail.es | 28,466 |
| 53 | @yahoo.com.vn | 28,313 |
| 54 | @gmx.de | 28,297 |
| 55 | @live.dk | 28,164 |
We are virtually up to our eyeballs in databases so we'll be adding 18 others with this release. They are not processed yet but we expect them to be finished by tomorrow, here's the list and approximate hack date:
The next breach will contain about 40 million users once we're finished processing it, so stay tuned! We also have these 52m users we may add before then. https://www.riskbasedsecurity.com/2016/10/modern-business-solutions-stumbles-over-a-modern-business-problem-58m-records-dumped-from-an-unsecured-database/