Adobe’s security breach laid bare 38 million passwords to the world – and a security researcher claims that 1.9 million of these are the simple “123456”.
The entire top 20 is filled with “simplistic” passwords which are a “cause for concern,” according to PC Retail’s report.
The passwords are to be found on several online dumps,
Gosni said. Adobe initially said that three million accounts were
affected, but has since raised that figure to 38 million, with another
150 million at risk.
Password Number of users
- 123456 1,911,938
- 123456789 446,162
- password 345,834
- adobe123 211,659
- 12345678 201,580
- qwerty 130,832
- 1234567 124,253
- 111111 113,884
- photoshop 83,411
- 123123 82,694
The Register called the list of passwords “pathetic”,
saying that it made their staff, “wonder if criminals should have
bothered breaking in to steal them: with 1.9 million users relying on
“123456” there’s a better than one in one hundred chance of unlocking an
Adobe account with blind luck.”
However, an attacker is likely to assume that you use the same credentials on other sites, and he may try them on other sites of interest to him. (Of course, they may not be sites of interest to you.) So it’s a good idea (if an irksome task) to change your password on other sites that do use the same credentials.”
A We Live Security guide to what to do in the event of a breach can be found here.
ESET Researcher Stephen Cobb described the breach as “unprecedented” at the time, due to the fact that attackers also appeared to have accessed source code for Adobe’s Acrobat software.
Cobb says, “Access to the source code could be a major
asset for cybercriminals looking to target computing platforms such as
Windows or mobile operating systems such as Android.”