This website is selling your usernames and passwords on the darknet

Information came from darknet breaches
Posted at 7:57 PM, Feb 26, 2018
and last updated 2018-02-26 23:27:42-05

It's a place where criminals sell everything from drugs, guns, and stolen identities… to human remains.

You can't Google your way onto the darknet. You have to download a special kind of software known as “Tor”.

The Tor browser conceals your identity and your online activity, allowing you to anonymously search the internet and opening the door to a shadowy world of cyber marketplaces, where everything you can imagine can be bought and sold in secret.

With the help of anti-hacking firm “KnowBe4,” based in Clearwater, ABC Action News found a darknet site selling access to people’s bank accounts.

A cyber expert at KnowBe4 tells ABC Action News that one step is all it takes for someone to cash in and rip an innocent victim off on the darknet. 

"One step. It’s all there for the taking... it’s all there," said the cyber expert, who asked us not to name him because his work requires him to stay as anonymous as he can.

ABC Action News found another site selling access to usernames and personal passwords of employees associated with Tampa General Hospital, USF, University of Tampa, The Tampa Bay Buccaneers, The Rays, Hillsborough County Schools and more.

It's all being published on a website that’s actually not a darknet site, but the information it’s selling originated there, after high-profile breaches of consumer sites, including LinkedIn, Adobe, and Dropbox, which are places where people use their work email domain to log in.

And if they use their same work email password... that’s a problem.

"The problem is all that data is being stored somewhere... and it has the ability to be compromised," says Tony Martinez with CyberSequr.

But what surprised us is how far reaching these breaches go. We found information claiming to be personal passwords to employees at the FBI, the CIA, Centcom, even The White House.

We alerted every organization and forwarded them everything we found. Those who responded told us the passwords were no longer valid.

However, our expert says that doesn’t matter because hackers can run old passwords through an automated program to see if they’re active anywhere else.

And then they can weaponize that information to launch hack attacks.

Hack one, and you’ve hacked them all.

The site that’s selling the information operates from the Seychelles Islands off the coast of Africa.

We’re not naming the site, but we did reach out to them and asked them why they're publishing personal passwords.

They say the information is public because it’s already been breached, and is being donated to them anonymously.

They claim to be providing the information so that people can see if their information has been hacked and leaked.

We tested our own email domain here at ABC Action News and found at least two employees with their current and active personal passwords exposed, and being sold on this site.