More than 26 million decrypted Gmail and Yahoo accounts stolen from previous data breaches are being sold on the Dark Web by a vendor with the handle, SunTzu583. The accounts were culled from several data breaches, including Bitcoin Security Forum in which 5 million Gmail passwords were stolen, and the Adobe breach, in which 153 million accounts were stolen, according to a report by Hackread.
Other data breaches from which the vendor stole data include the MPGH.net breach which affected 3.1 million users, the Dropbox breach which affected 68 million users, and the Nulled.cr breach which affected 599,000 users.
The Dark Net vendor is also selling 5,741,802 Yahoo user data, with a listed price of USD 250.48 (BTC 0.2532). The vendor has added a caveat to potential buyers, warning them that “Not all these combinations work directly on Yahoo, so don’t expect that all these email and passwords combinations work on Yahoo.”
To prevent unauthorized access to online accounts, individuals can protect themselves by changing passwords on various sites, especially if those passwords have not been changed recently.