Hacker steals 171 mn user accounts of Russian social network VK.com

07 Jun 2016

A hacker has stolen 171 million user accounts associated with social networking giant, VK.com, containing full names, email addresses and plain-text passwords, and in many cases locations and phone numbers.

The St Petersburg, Russia-headquartered social network – earlier known as VKontakte is reportedly the largest in Europe, with over million users at the last count. The hack is said to have been carried out in late-2012 or early 2013, but the hacker who was selling the data could not be more precise.

In view of the timing, the entire store of VK's data, which at the time had less than 190 million users was likely to have been stolen during the hack.

The hacker was now selling a part of the database - 100 million accounts, which was little over 17 gigabytes in size - on a dark web marketplace for 1 bitcoin, or about $580 at the time of writing.

ZDNet which was provided the database for verification reported that a selection of names in VK's public search engine turned up valid results.

LeakedSource.com, a search engine that records breaches and allows users to search their details, also obtained a portion of the database, containing 100 million records.

The hack revealed that the Russians had the same (bad) habits as the western world, when it came to poor and weak passwords -with the most common being 123456, qwerty, qwertyuiop, and 123123, with the first one being found in 709,067 instances.