Not for the first time, millions of Yahoo and Gmail accounts have been discovered for sale online, a new report claims.
The accounts are for sale on the dark web by a vendor using the name ‘SunTzu583’ according to HackRead.
The report says that SunTzu583 is asking for $450 for 21,800,969 Gmail accounts, 75% of which are said to contain passwords that have no encryption, with the remaining 25% being hashed.
It is believed that the data was stolen from cyber attacks between between 2012 and 2016 on numerous sites including Dropbox.
The hacker has a separate list which is for sale for $200 which lists another 4,928,888 accounts, which reportedly include email addresses and passwords in plain text format.
This second list, HackRead claims, was stolen during hacks on LinkedIn, Adobe and Bitcoin Security Forum.
SunTzu583 is even selling a third list for just $250 which contains some 5.7 million Yahoo accounts, many of which were stolen as part of Adobe, LinkedIn and Myspace hacks.
The cybercriminal has issued a proviso that “Not all these combinations work directly on Yahoo, so don’t expect that all these email and passwords combinations work on Yahoo.”
Of course, this is not the first-time Yahoo has been hacked and indeed two of the biggest hacks of all time involved Yahoo so any users who think they are affected should act immediately to protect themselves by updating their passwords.
You check to see if your account has been compromised by entering your email address at haveibeenpwned.com.