Hacking Cyber Security. Exclusive If you have an account on Taringa, also known as The Latin American Reddit, your account details may have compromised in a massive data breach that leaked login details of almost all of its over 2. Taringa is a popluar social network geared toward Latin American users, who create and share thousands of posts every day on general interest topics like life hacks, tutorials, recipes, reviews, and art. The Hacker News has been informed by Leak. Base, a breach notification service, who has obtained a copy of the hacked database containing details on 2. Learn What is password hacking Read more indepth articles about password hacking, the hacker news, hacker news, cyber security news, the fappening, deep web, dark. File download accelerator with browser integration, task scheduler, automatic posttask actions, malware checker, MD5 and SHA1 verifier, Clipboard and browser. Taringa users. The hashed passwords use an ageing algorithm called MD5 which has been considered outdated even before 2. Taringa users open to hackers. Wanna know how weak is MD5, Leak. Base team has already cracked 9. Million of hashed passwords successfully within just a few days. Leak. Base has shared a dump of 4. Taringa users with The Hacker News to help us verify the authenticity of the leaked database. Using email addresses in the dump, we contacted a few random Taringa users with their plain text passwords, who acknowledged the authenticity of their credentials. The data breach reportedly occurred last month, and the company then alerted its users via a blog post, sharing more information about the incident. It is likely that the attackers have made the database containing nicks, email addresses and encrypted passwords. No phone numbers and access credentials from other social networks have been compromised as well as addresses of bitcoin wallets from the Taringa program Creators. How To Burn A Free Windows 7 Installation Disc. At the moment there is no concrete evidence that the attackers continue to have access to the Taringa codeTo protect its users, Taringa is currently sending a password reset link via an email to its users as soon as they access their account with an old password. One of the contacted users has also shared a screenshot of the notice with The Hacker News, as shown above. Weve made a massive password reset strategy and also increased the encryption of the passwords from MD5 to SHA2. Weve also been in contact with our community via our customer support team, a Taringa spokesperson told The Hacker News. Leaked Database Analysis. Here below we have a brief analysis of the leaked database, which suggests that even after countless warnings, most people are continuously using deadly simple passwords to safeguard their most sensitive data. As you can see in the image given below, Leak. Base team managed to crack 2. MD5 algorithm, out of which over 1. Million were unique passwords. The vast majority of the cracked passwords were alpha and lower case alpha and did not contain any special characters or symbols. Here below we have the list of most popularcommon passwords chosen by Taringa users that also includes top worst passwords such as 1. The most popular length of the password was six characters long, followed closely by eight characters, nine and ten characters. Expectedly, the percentages drop drastically as you go higher in length. Besides the cracked passwords, Leak. Base also take a look at the email addresses contained in the leaked data dump, and the most common email domains are as follows. But, are Taringa users entirely responsible for choosing weak passwords Not completely. Its also the fault of the company, who failed to enforce a strong password policy on their users, eventually allowing them to sign up with weak passwords. After data breaches, the organisations tend to blame the end users for poor password security, but they forget to provide them one. So far, it has not been clear who is behind the attack on Taringa, neither how the attackers managed to breach into its servers. Meanwhile, in a separate news,we reported about an unknown hacker selling personal details on more than 6 million high profile Instagram accounts on an online website, Doxagram, after the hacker breached the Facebook owned photo sharing service using a flaw in its API. How to Help Protect Yourself from Data Breaches. Of course, if you are one of those potentially affected users, you are strongly recommended to change your passwords immediately. Also, change passwords for other online accounts for which you are using the same password as for Taringa account. Even if any website allows you to create an account with a weak password, you should always choose a complex password. Use a good password manager, if you find following best practices difficult. Moreover, avoid clicking on any suspicious link or attachment you received via an email and providing your personal or financial information without verifying the source correctly.