A listing on a popular hacker forum offers 350 million Ask.FM user records for sale in what might be one of the biggest breaches of all time.
The listing allegedly includes 350 million Ask.FM user records, with the threat actor also offering 607 repositories plus their Gitlab, Jira, and Confluence databases. Ask.FM is a question and answer network launched in June 2010, with over 215 million registered users.
“I’m selling the users database of Ask.fm and ask.com. For connoisseurs, you can also get 607 repositories plus their Gitlab, Jira, Confluence databases.”
The posting also includes a list of repositories, sample git, and sample user data, as well as mentions of the fields in the database: user_id, username, mail, hash, salt, fbid, twitterid, vkid, fbuid, iguid. It appears that Ask.FM is using the weak hashing algorithm SHA1 for passwords, putting them at risk of being cracked and exposed to threat actors.
The threat actor says that he’d prefer “a singular sale.”
"Askfm has not suffered any security incidents (or any “recent Ask.fm hack”) as your email suggests therefore we have no comment to make on any such falsities," Ask.FM told Cybernews.
In response to DataBreaches, the user who posted the database – Data – explained that initial access was gained via a vulnerability in Safety Center. The server was first accessed in 2019, and the database was obtained on 2020-03-14.
Data also suggested that Ask.FM knew about the breach as early as back in 2020.
More from Cybernews:
Subscribe to our newsletter