1.4 Billion passwords hacked in December 2017

Wordpress security alert

1.4 Billion passwords hacked in December 2017

1.4 Billion passwords hacked


Over 1.4 Billion passwords were hacked across numerous websites in early December and pasted on the dark web. Hackernews confirmed this became common news after being posted on Reddit. It’s also been confirmed these passwords have been not only been verified but have been pasted into plain text for anyone to use.

Wordfence has also confirmed the news and has recommended users upgrade to their premium version which includes the list of the hacked passwords in their password strength measuring test. These passwords were likely used in the brute force attacks that occurred during an odd spike in December.

Am I at risk?

As always, Creative Wavelength recommends you use a strong password at minimum incorporating multiple special characters & caps that you can still remember. I also recommend you change your passwords since this news & use a unique password for each website. Especially for any important websites for the running/accounting of your business or social media information that could be used to incriminate or blackmail.

If you have a password like 123456, 111111 etc. I recommend you immediately change it!

Website owner advice

Website owners should double check analytics or security information for any odd behaviour or brute force attacks and addition run scans to make sure their website has not been compromised.