More than 3000 websites hacked to steal 2.7 billion email addresses and passwords

• These websites primarily belong to the smaller businesses that are frequent targets of information theft.
• Out of the 2.7 billion, 20 million credentials are found to be from Japan.

A Tokyo information security company, Soliton Systems has uncovered a trove of email addresses and passwords stolen from different websites from across the world. The company highlights that the data stolen belongs to 3,000 unique websites that are built with inadequate security.

Websites of smaller businesses hacked

These websites primarily belong to the smaller businesses that are frequent targets of information theft. This puts customers’ accounts at risk.

Soliton Systems said that it found 2.7 billion matching pair email addresses and passwords originating worldwide, Nikkei Asian Review reported. Out of these, around 20 million credentials are found to be from Japan.

Selling on the Dark Web

The company suspects that the latest set of files have made their way to the underground market forums. These email addresses and passwords are being sold for a decent price on the Dark Web. The files were spotted in January through an overseas file-sharing service.

Addresses ending with ‘.jp’ suffix are the domains located in Japan and account for the 20 million accounts compromised. Websites of approximately 42 Japanese businesses have been hacked to steal their information. One of the websites belongs to Porsche Japan. The company had announced a cyber attack last February.