Amazon, Xbox Live, PSN and more: Hackers leak 13,000 passwords

13,000 login details including payment card numbers an expiry dates have leaked from online services including Amazon, Xbox Live, Playstation Network and more, according to Tech Crunch.

The hackers posted a document with details of username and passwords, along with some credit card numbers and expiry dates to Ghostbin – a text storage website.

Websites affected included not only gaming related organisations such as Xbox, Playstation, Twitch, EA Games and Ubisoft, but also shopping chains such as Amazon and Walmart and TV streaming website Hulu Plus. Pornography websites were also included in the breach. Amazon, Sony and Microsoft have “yet to confirm whether the leak is legitimate”, according to Metro.

The wide-ranging mix of websites attacked has led the Daily Dot to suggest that not all of the websites have necessarily been breached, and that login information may have been acquired – at least in some of the cases – by “malware installed onto users’ personal devices or other nefarious methods.”

It has been a bad Christmas for gaming services, with this following swiftly on from the extended outages for the Xbox Live and Playstation Network online gaming services from DDoS attacks, as reported by We Live Security here. At the time of writing, Microsoft has reported that the Xbox Live service is back up and running, though Sony’s Playstation Network is still experiencing outages.

The news got worse for Sony, as the hackers leaking the log-in information – the Anonymous collective have taken credit, according to the Daily Mail – also claimed to have uploaded a pirate copy of ‘The Interview’, which has been in the news as the possible cause of the hacking of Sony Pictures, as discussed by We Live Security here.

Author , ESET

  • Liquidfx Xboxdude

    ddos attacks are one thing but when you steal people’s info then it is purely criminal.

  • solomon kane

    Both are forms of cyber terrorism.

    Overloading a server to take down service is also theft as it robs people of the use for a given period of time and that is use that they pay for. For each individual it might only be a couple of dollars or cents a day, but added up over millions of subscribers that adds up to a target amount of money. And if the company (Sony/xbox/etc.) chooses to give its subscribers credit- (heigh it will undoubtedly do) then it’s the company that is being stolen from and damaged.

    The cc is obviously more overt, both groups belong in prison. A criminal is a criminal. If these lizard clowns who did it for the “lulz” then coped to other ddos but retracted their story at the end to create some semblance of a defence, to make it sound like they were protesting security of the networks. Crime is not it. One does not sneak a gun onto an airline then shoot someone just to say “I wanted to show it could be done because your security is weak”.

  • Jason Mayr

    This is Bulshit, If Obama says he’s doing something about North Korea. Why doesn’t he issue the Department of Justice a order to arrest the Lizard Squad Anonymous for Stealing Private Information and Cyber Terrorism.

    • Filthyfrank Fletcher

      bahahahaa the president is not concerned with some silly video game hacker you fucktard

  • Faraday Defcon

    Well, thats what happens when you refuse to hire good IT guys or think being “compliant” is enough. Time Warner can fix a billion dollar liability by hiring 1-2 guys at 100k a year. Comcast has the same problems. Yes, I’m talking about DOCSIS 3.0

  • john

    Just throwing it out there. The leaked file is just a copy of a file leaked over a year ago. I had it since tge summer of 13. Also thats not even a real anon Twitter. They just want to create publicity using anons name and you retards are just feeding the flame

Follow us

Copyright © 2017 ESET, All Rights Reserved.