Indexed records of email addresses, passwords, and more were on WeLeakInfo.
On Thursday, the U.S. Department of Justice announced the seizure of the WeLeakInfo.com domain. The website, operating under a similar premise to HaveIBeenPwned, allowed users to see if their information was involved in one of more than 10,000 data breaches. WeLeakInfo went much further than hack confirmation, however, by offering subscriptions to the data itself, which often included cleartext passwords.
U.S. authorities worked with the U.K., Netherlands, Germany, and Northern Ireland to bring the site down. Two individuals believed to operate the site were arrested in the Netherlands and Northern Ireland.
What was WeLeakInfo? — Operating under the guise of public service, the website gave bad actors access to data breach information they could then use for attacks in the U.S., U.K., and Germany.
“We know that weleakinfo.com formed an extremely valuable part of a cyber criminals toolkit,” said Andrew Shorrock, Senior Investigating Officer at the U.K.’s National Crime Agency, in a statement.
WeLeakInfo sold plans ranging from one day to three months of access to more than 12 billion indexed records of names, email addresses, usernames, phone numbers, and passwords. For as little as $0.75 a day, amateur hackers could use this database to launch credential stuffing and phishing attacks. The more ambitious among them had the power to accomplish network breaches.
The future of data privacy — As international governments take data privacy more seriously, more sites like these should crumble. At least three other sites, Dehashed, Snusbase, and Leak-Lookup, are still operating the same way as WeLeakInfo. Advanced hackers will persist, but these kinds of efforts remove this low-hanging fruit.