by nikcub
3283 days ago
Based on the names mentioned I searched for their email addresses in password dumps and they all match the large 500M+ lists (anti public and exploit.in - covered here[0]) that have been available on some of the credential-stuffing and hacking forums since late last year. They are aggregate lists composed of MySpace, LinkedIn and other breaches.

It appears someone has grepped out parliament.uk emails from those leaks and then published it separately; the earliest mention of such a list that I can find online is from mid-May. The credential stuffing and darkweb markets are full of such lists as the scammers attempt to make a dollar or two from content that is otherwise publicly available by slicing it in interesting or appealing ways.

I doubt any of the credentials would have worked against the parliament Office 365 login[1] as either the IT admins would have noticed, and/or the list is old enough where it would have been noticed far earlier, plus Office 365 even without MFA enabled or enforced will usually require an email or SMS confirmation for a new device login or a login that doesn't match user pattern.

The story mentions they disabled logins, but it appears to still work. This is likely just a precaution from the IT department over what is a relatively minor issue since it is easier to pretend you're doing something rather than having to explain to the media that this is an old issue and not that big a deal.

[0] https://www.cert.govt.nz/businesses-and-individuals/recent-t...

[1] https://intranet.parliament.uk
It must be total chaos in the UK now! 110748 super secret government emails and passwords leaked on a hacker forum :P