http://www.zdnet.com/article/these-are-the-worst-passwords-from-the-ashley-madison-hack/
By Zack Whittaker
Zero Day
ZDNet.com
August 26, 2015
When hackers swiped an estimated 36 million accounts associated with
AshleyMadison.com, a site which helps married people cheat on their
partners, there was a rush to find out what had been stolen.
A month after the breach was reported, hackers released the first cache of
stolen data. Email addresses, credit card transactions, and more were
leaked on August 18. More data, released days later, included internal
emails at the website's parent company, Avid Life Media.
The tens of millions of passwords, though leaked, were hashed, meaning
they were cryptographically scrambled using a feature known as bcrypt.
(Many other websites that have suffered leaked data have either used weak
cryptography to hash the passwords, or none at all.) Robert Graham at
Errata Security said in a blog post this was a "refreshing change,"
because it means users with strong passwords are "safe."
But, for weaker passwords, the same cannot be said.
[...]
--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/
