Research report “Leet.cc data leakage”
The latest data breach case affected Leet.cc. ElevenPaths’ intelligence analysts reveal the details of in this research report. Download the new report and find out more!
In February of 2016, the web page Leet.cc experienced a case of unauthorised access after its attacker claimed responsibility for the attack through a message published on the platform itself. In August of 2016, it became public knowledge that the platform was compromised when a database of more than six million users was leaked. Eventually, on 29 September, the perpetrator of this incident, associated with the Twitter account @anthraxiation, published the entire database on multiple file-sharing platforms.
The exposed personal information included usernames, email addresses, login dates and service records, as well as each user’s most recent IP address used to access the platform. The passwords had been stored with a SHA-512+salt hash algorithm that offered an additional layer of security.
The affected platform is dedicated to leasing Minecraft Pocket Edition servers. Though adults also make use of this game, its use it more extensive throughout the child and teenage population, and therefore the possibility that a large number of under-age users were affected is a real-life scenario.
Our analysts advise to maximise precautions to prevent potential attacks against this type of more vulnerable user.