Check if your email account has been exposed!

This post is about the roughly 24,000 email accounts that were made public a few days ago, along with their passwords, on the pastebin.com website. From the depths of the Internet (a Google cache) I managed to get a copy of that list. I have split it in two: HERE is the username list and HERE is the (shuffled!) password list.

Anyone interested can search for themselves in the username list to see whether their account has been exposed. The passwords do not match because I have intentionally shuffled them. My purpose was not to expose people's passwords but to make a statistical analysis of the 24k list, similar to this analysis made on the first 10k list of accounts posted on pastebin.com.

The list I found initially had 24,546 entries. Not all of them were in the username@domain/password format, so after a bit of cleaning I was left with 23,573 usable accounts. Then I removed the duplicates and got a final list of 21,686 entries. I made my analysis on this list.

I should mention that the list does not contain only Hotmail accounts but also Yahoo, Gmail, AOL and other accounts. Here are the top 20 domains and the number of accounts for each of them:

1. hotmail.com – 12478
2. yahoo.com – 3012
3. aol.com – 827
4. gmail.com – 512
5. msn.com – 443
6. hotmail.fr – 346
7. comcast.net – 321
8. aim.com – 287
9. sbcglobal.net – 275
10. hotmail.co.uk – 206
11. neomail.com – 153
12. hotmail.es – 117
13. cox.net – 116
14. verizon.net – 96
15. bellsouth.net – 95
16. live.com.mx – 71
17. yahoo.ca – 63
18. yahoo.co.uk – 63
19. charter.net – 47
20. earthlink.net – 46

And here is the pie chart version, if you prefer:

[Pie chart: Domain distribution]

Looking at the usernames, the first 9,586 of them are alphabetically ordered; they are the ones from the first list posted on pastebin.com and begin with the letters 'A' and 'B'. As Mr. Bogdan Calin said, based on their passwords they seem to belong to the Latino community. The rest of the accounts seem to come from all over the world.

The most used password is still 123456. As you can see below, 91 of the 21,686 passwords were 123456. Here are the top 100 most commonly used passwords from the list:

1. 123456 – 91
2. neopets – 39
3. monkey – 27
4. 123456789 – 26
5. 123321 – 24
6. password – 23
7. iloveyou – 17
8. princess – 16
9. horses – 16
10. tigger – 15
11. pokemon – 14
12. cheese – 14
13. 111111 – 13
14. kitty – 13
15. purple – 12
16. dragon – 12
17. nicole – 12
18. 1234567 – 11
19. alejandra – 11
20. daniel – 11
21. bubbles – 10
22. alejandro – 10
23. michelle – 10
24. 12345 – 10
25. hello – 10
26. cookie – 10
27. chocolate – 9
28. hottie – 9
29. alberto – 9
30. 12345678 – 9
31. fluffy – 9
32. buddy – 9
33. 123123 – 9
34. cassie – 9
35. andrea – 9
36. secret – 9
37. shadow – 9
38. tequiero – 9
39. metallica – 9
40. poop – 8
41. hi – 8
42. sebastian – 8
43. jessica – 8
44. adopt – 8
45. 654321 – 8
46. justin – 7
47. newpw123 – 7
48. scooter – 7
49. soccer – 7
50. holly – 7
51. hannah – 7
52. flower – 7
53. 1234 – 7
54. jessie – 7
55. ashley – 7
56. tiger – 7
57. lauren – 7
58. football – 7
59. elizabeth – 7
60. casper – 7
61. roberto – 7
62. 000000 – 7
63. legolas – 7
64. estrella – 7
65. 159753 – 7
66. anime – 7
67. sabrina – 6
68. moomoo – 6
69. angelica – 6
70. cat123 – 6
71. bonita – 6
72. buster – 6
73. kitten – 6
74. killer – 6
75. qwerty – 6
76. chelsea – 6
77. sasuke – 6
78. olivia – 6
79. theresa – 6
80. america – 6
81. beatriz – 6
82. mariposa – 6
83. oscar – 6
84. rainbow – 6
85. yellow – 6
86. cool – 6
87. ginger – 6
88. maggie – 6
89. friends – 6
90. asdfgh – 6
91. abc123 – 6
92. neopet – 6
93. dancer – 6
94. amanda – 6
95. avatar – 6
96. boogie – 6
97. greenday – 6
98. thumper – 6
99. 666666 – 6
100. bob – 6

As for the password format, I extracted the following statistics (the first five categories add up to about 100%, so the last one overlaps the others):

  • 43.3% – letters only, lower case. Example: monkey
  • 2.1% – letters only, lower and upper case. Example: Thomas
  • 15.8% – numeric only. Example: 123456
  • 35.1% – letters and numbers. Example: j0s3ph
  • 3.6% – letters, numbers and special chars. Example: sandra19_1961
  • 30% – ending in a number. Example: hello1

Looking at the password lengths in the following graph, most of them are 6 characters long:

[Graph: Password length distribution]
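As an added example (this is not the post's own script, and the data in it is constructed, not the leaked list), here is a small Python program that runs the same pipeline described above: it keeps only lines in the username@domain/password format, drops duplicates, counts domains and passwords, classifies each password into the format categories used in the post, builds the length distribution, and lets you check whether a given address appears in the cleaned list. The category rules (for instance, that anything containing a special character lands in the "special chars" bucket, and that "numeric ended" simply means the last character is a digit) are my reading of the post's categories, not a documented method of the author.

```python
import re
from collections import Counter

# Constructed sample in the username@domain/password format the post describes.
# It is NOT real leaked data. Malformed and duplicate lines are included on
# purpose to exercise the cleaning step.
SAMPLE_DUMP = """\
alice@hotmail.com/123456
bob@yahoo.com/monkey
carol@hotmail.com/Thomas
dave@aol.com/j0s3ph
erin@gmail.com/sandra19_1961
frank@hotmail.com/hello1
alice@hotmail.com/123456
this line is garbage
grace@hotmail.com
heidi@msn.com/123456
"""

# username, then '@', then domain, then the first '/' starts the password
LINE_RE = re.compile(r"^([^@/\s]+)@([^@/\s]+)/(.+)$")


def parse_dump(text):
    """Keep only well-formed lines and drop exact duplicates (order preserved)."""
    seen = set()
    records = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not in username@domain/password format
        rec = (m.group(1), m.group(2).lower(), m.group(3))
        if rec in seen:
            continue
        seen.add(rec)
        records.append(rec)
    return records


def top_domains(records, n=20):
    return Counter(domain for _, domain, _ in records).most_common(n)


def top_passwords(records, n=100):
    return Counter(pw for _, _, pw in records).most_common(n)


def classify(pw):
    """Assumed mapping of a password onto the post's five format categories."""
    if any(not c.isalnum() for c in pw):
        return "letters, numbers and special chars"
    if pw.isdigit():
        return "numeric only"
    if pw.isalpha():
        return "letters only, mixed case" if any(c.isupper() for c in pw) else "letters only, lower case"
    return "letters and numbers"


def format_stats(records):
    """Percentage of passwords per category, rounded to one decimal."""
    counts = Counter(classify(pw) for _, _, pw in records)
    total = len(records)
    return {cat: round(100.0 * n / total, 1) for cat, n in counts.items()}


def numeric_ended_pct(records):
    """Share of passwords whose last character is a digit (overlaps the categories above)."""
    n = sum(1 for _, _, pw in records if pw[-1].isdigit())
    return round(100.0 * n / len(records), 1)


def length_distribution(records):
    return Counter(len(pw) for _, _, pw in records)


def is_exposed(records, email):
    """Case-insensitive check of whether username@domain appears in the cleaned list."""
    target = email.strip().lower()
    return any(f"{user}@{domain}".lower() == target for user, domain, _ in records)


if __name__ == "__main__":
    recs = parse_dump(SAMPLE_DUMP)
    print(f"usable, de-duplicated entries: {len(recs)}")
    print("top domains:", top_domains(recs, 5))
    print("top passwords:", top_passwords(recs, 5))
    print("format stats:", format_stats(recs))
    print("numeric ended:", numeric_ended_pct(recs), "%")
    print("length distribution:", sorted(length_distribution(recs).items()))
    print("alice exposed?", is_exposed(recs, "Alice@Hotmail.com"))
```

To run it on a real dump, replace SAMPLE_DUMP with the file contents; the only thing the parser assumes is the username@domain/password layout. The lookup function lets a reader answer the post's title question without having to eyeball the whole list.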

In conclusion, now is a good time to go through your regular password change routine. Choose a long and complex password and beware of phishing attempts!

Cheers,
