Skip to main content

“Have I Been Pwned?” owner uncovers 13 million plaintext passwords leaked from free webhost

have i been pwned owner uncovers 13 million plaintext passwords leaked from free webhost is a safe password even possible we
guteksk7/Shutterstock
000webhost, which implores users to “forget the stereotype that free hosting is unreliable” on its homepage, may need to re-think that bit of copy.

The free web host, which was both storing and transferring user information in plaintext, has been compromised. Users’ email address, passwords, and IP addresses are all being bought and sold by hackers. Passwords have been reset by the host, but anyone who used their passwords for other sites should change those as well.

This took a lot of work to get to the bottom of, hard to fathom hard bad this 000webhost breach is on many levels: https://t.co/xzRxvSTfiZ

— Troy Hunt (@troyhunt) October 28, 2015

The leak was made public today in an extensive blog post written by web security expert Troy Hunt, who runs the site HaveIBeenPwned. The site lets anyone search a database of known leaks to find out if their personal information has ever been compromised, and occasionally people email him about unknown leaks.

“Hey,” a message Hunt received said, “approximately 5 months ago, a certain hacker hacked into 000webhost and dumped a 13 million database consisting of name, last name, email and plaintext password,”

Hunt looked into the claims, found out they were legitimate, then attempted to contact 000webhot to fill them in (Hunt doesn’t want HaveIBeenPwned to be a service that announces leaks).

Getting in touch with 000webhost, however, proved impossible –he basically got back only generic helpdesk advice. Eventually Hunt asked Forbes journalist Thomas Fox-Brewster for help getting in touch with the company, but they didn’t get back to him either. They did, however, change users’ passwords en masse – without informing anyone why.

Only after Fox-Brewster published an article about the breach, and Hunt published his blog post, did anyone at 000webhost publicly acknowledge the breach. A Facebook post informed users, along with a small note on the company’s website.

“Due to security breach, we have set www.000webhost.com website on maintenance until issues are fixed,” the homepage currently says. FTP access is reportedly cut off until November 10.

So, is free hosting reliable? Hunt, for his part, thinks you should be skeptical.

“When you see free or really cheap hosting and wonder why AWS / Azure / et al seem expensive, think of what corners they may be cutting,” he tweeted.

Probably good advice.

Editors' Recommendations

Justin Pot
Former Digital Trends Contributor
Justin's always had a passion for trying out new software, asking questions, and explaining things – tech journalism is the…
Time to change your Twitter password: 32 million accounts may have been hacked
twitter suspends extremist accounts app

Mark Zuckerberg, Katy Perry, Keith Richards, Tame Impala, Drake, Tenacious D, oh, and Twitter founder Evan Williams. What do they have in common? They've all had their Twitter accounts compromised in recent days, that's what.

And late Thursday it emerged the apparent hack could be serious. Like 32-million-accounts serious.

Read more
Dropbox hit in password leak, though its own servers remain secure
Samsung Galaxy 2 dropbox

Dropbox has been targeted by hackers who claim to have login details for nearly seven million of its accounts.

To prove the authenticity of its attack, hackers on Monday posted on the Web hundreds of Dropbox username and password details in plain text, with a request for Bitcoin donations for further posts revealing more of the data, TNW reported.

Read more
This HP 15-inch laptop is discounted from $460 to $300
hp 15 6 inch laptop deal may 2023 15t featured image lifestyle

If you're planning to buy a new laptop but you don't need all the bells and whistles to keep the cost low, you should check out the HP Laptop 15z. It's currently on sale from HP at $160 off, which pulls its price down to an affordable $300 from $460 originally. With the growing importance of owning a dependable laptop, there's always high demand for offers like this one, so you'll have to proceed with the purchase immediately if you don't want to miss out on the discount.

Why you should buy the HP Laptop 15z
The HP Laptop 15z won't blow you away with its specifications, as it's humbly equipped with the AMD Athlon Silver 7120U processor and AMD Radeon Graphics, with 8GB of RAM that's considered by our guide on how much RAM do you need as a starting point for laptops. The device won't be able to edit large video files or play the latest video games like the best laptops, but it will do a fine job in helping you complete daily tasks like browsing the internet, editing documents, working with spreadsheets, and preparing presentations. It can also serve as a decent entertainment hub with its 15.6-inch HD display that's surrounded by narrow bezels on three sides.

Read more