August 02, 2012

According the hackers:

  1. wnd target  : www.pearl.fr
  2. Category     : french e-commerce website, not that big, not that small
  3. Type         : SQLi (PHP/MySQL) + various XSS
  4. Total loss   : 729115+ customers accounts compromised with e-mails/passwd
  5.                1115050+ bank transactions exposed

Though many passwords were not released as a part of the breach to do any real statistical analysis, we can say this much:

  1. There are lots basic passwords such as 1234abcd, nathalie, etc...  Though 'baguette' did not make it onto the list.
  2. The password are in cleartext. 
  3. We do have to call out the most complex, hard core breached consumer password:  
    cba2f1279912bc3381da210ed8dd3b89


Authors:

Share:
Share on LinkedIn

Comments

  • E-Commerce.
    Thanks for providing such informative blog, you have nice post here. I will be back soon. continue this hard work, people will be appreciate you like me.

  • E-Commerce.
    I am really glad that I have found this post and I thank you for letting us know about this information.This is a big help for sure!! Thanks!

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been saved. Comments are moderated and will not appear until approved by the author. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment

Comments are moderated, and will not appear until the author has approved them.