538 Million Weibo Records Are Sold on the Dark Web, 172 Million Phone Numbers Included

Having a social media account can help you share your everyday moments with your family and friends or catch up with what is happening in their lives. The downside of using social media platforms is that, while creating them, you often end up sharing personal or even sensitive information. If you do not limit who can see your profile, your personal details could be available to anyone who comes across your account, including hackers. However, the worst part is that social media platforms can hold valuable data of millions of users, which attracts hackers. Their efforts to breach social media websites have already paid off in the past, for example, Facebook experienced its biggest data breach back in 2018 when hackers managed to exploit a vulnerability in the company’s systems. Unfortunately, even a bigger data breach occurred recently as Chinese hackers managed to obtain around 538 million records of Weibo users.

Weibo is a Chinese social media platform that is often compared to Twitter. It had nearly 500 million active users at the end of 2019 and it most likely has even more of them now. Of course, the platform’s reputation might have been damaged when it was revealed that the company experienced a huge data breach and that the stolen Weibo user’s data was sold online. Naturally, if you are using this social media platform, we invite you to read our full blog post, in which, we discuss what happened during the Weibo data breach and what you should do if your data go exposed.

How did hackers obtain Weibo records?

The hacker who stole Weibo records claims that he obtained them during a data breach that took place in 2019. If this is true, it could mean that the company was unable to detect the breach up till now or that it was hiding the incident from its customers for quite some time.

During the attack, the cybercriminal apparently got his hands on a database dump file that contained around 538 million Weibo users’ records. Also, it is said that the file contained data like real users’ names, usernames, gender, and location. Plus, there were around 172 million phone numbers. Weibo owners claimed in Chinese media that none of the users’ passwords were stolen and that users should have nothing to worry about. However, we do not think that doing nothing would be smart. Especially, when it is known that Weibo users’ data is sold online and could be available to any cybercriminal who is willing to pay for it.

What to do if your data was exposed due to the Weibo data breach?

While usernames, locations, and details alike might not seem as sensitive as passwords, they could still be useful to cybercriminals. The fact that Weibo users’ data is sold online on the dark web only proves it. Anything about a user can help figure out his passwords if he creates them while using his personal details. Besides, hackers might be able to combine the data taken during the Weibo attack with information obtained during data breaches performed on different companies’ systems. Also, even though not all 538 million stolen records included phone numbers, a huge amount of them did, and users whose phone numbers got compromised should definitely take extra precautions. As you see, unlike a username, a phone number is a sensitive piece of information.

Secure your Weibo account

Even though cybersecurity specialists say that no passwords got exposed during the Weibo data breach, it is a good opportunity to replace your old password with a stronger one. Currently, it is advisable to use passcodes made from at least 12 characters. Plus, experts advise using both lower-case and upper-case letters, symbols, and numbers. Of course, even if your combination is long enough and made from various characters, it could be still weak if you use your name, date of birth, or any other information that hackers can find online. In other words, a strong password should be made from an entirely unique combination. To make this task easier, you could employ a dedicated password manager that could both generate complex passwords for your accounts and remember them for you. If you have never used such a tool, we recommend trying Cyclonis Password Manager, a tool that can offer even more useful functions.

Ensure that hackers cannot misuse your information

As we said earlier hackers could use stolen information to figure out Weibo users’ passwords. Truth be told, they could also use it to guess passwords of users’ other accounts, for example, passcodes of their email or different social media profiles. Therefore, if any of your passwords are based on your real name, location, or other details that might have been revealed during the Weibo data breach, we highly recommend replacing them as fast as possible.

As for users whose phone numbers got revealed, we recommend keeping it in mind that they could be misused in various ways. Thus, users who do not want to change their numbers should be extra careful from now on. A phone number could be used for various scams, so you should watch out for messages from unknown senders. Even if a message claims that it is from a reputable company, we advise finding a way to confirm it before you do what it asks of you. Also, if hackers know that your accounts are protected with Two-Factor authentication, they could use your phone number to bypass Two-step verification and hack your accounts.

All in all, while it is shocking how much information got compromised during the Weibo data breach, it does not mean that it will get misused if victims of the breach stay alert and take safety precautions. Hopefully, the social media platform’s creators will put more effort into securing their systems as well as create more safety features to help their users to secure their accounts. Also, we hope that the event will be a wake-up call to users of different social media platforms too. You cannot control what data gets exposed during a data breach, but you can limit the information available on our account and, as said earlier, there are always ways to ensure that hackers will not have much gain from your personal and sensitive data.

By Foley
May 18, 2020
Password Security
May 18, 2020
Password Security

Popular Posts

As Fears of the Coronavirus Pandemic Spread, So Does...

4 years ago

Microsoft Warns State-Backed Threat Actors Are Using AI in...

4 days ago

Trojan Al11 Malware Detection & Removal - An Essential...

11 months ago

Pinaview is a Fully-Featured Adware App

10 months ago

"Your iCloud is Being Hacked" and "Your iPhone has Been...

7 months ago

What is Lucky Ransomware?

7 months ago

Related Posts

News

218 Million Records Have Allegedly Been Stolen from Zynga

On September 12, mobile and social media game developer Zynga announced that it had suffered a data breach. Zynga, as some of you probably know, is the creator of hit games like FarmVille, Mafia Wars, and Zynga Poker.... Read more

September 30, 2019
News

42 Million Telegram User Records Were Posted on an Underground Forum

Unfortunately, it's not uncommon for information to be exposed without any signs of a data breach. Over the years, we've seen countless incidents where databases are connected to the internet, and the information in... Read more

April 1, 2020
News

49 Million Business Records Are Sold Online After The LimeLeads Elasticsearch Server Data Breach

Those of you who follow cybersecurity news closely are probably getting pretty tired of hearing about the next in a very long line of companies that have put a huge amount of sensitive data in an internet-connected... Read more

January 23, 2020
Loading...

Cyclonis Backup Details & Terms

The Free Basic Cyclonis Backup plan gives you 2 GB of cloud storage space with full functionality! No credit card required. Need more storage space? Purchase a larger Cyclonis Backup plan today! To learn more about our policies and pricing, see Terms of Service, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Home

Products

Cyclonis Backup Cyclonis Password Manager Cyclonis World Time

Support

Help Files FAQs Downloads Inquiries & Support

Company

About Us Contact Us Report Abuse

Legal (Post Merger)

EnigmaSoft Limited (fka Cyclonis Limited)

Cyclonis Backup's Terms of Service Cyclonis Password Manager's EULA Cyclonis World Time's Terms of Service Privacy Policy Cookie Policy Special Discount Offer Terms Additional Terms & Conditions SpyHunter EULA RegHunter EULA EnigmaSoft Privacy Policy & Cookie Policy ESG Privacy Policy & Cookie Policy EnigmaSoft Discount Offer Terms ESG Discount Offer Terms

© 2017-2024 Cyclonis Ltd. CYCLONIS is a trademark of EnigmaSoft Limited (Cyclonis was merged into EnigmaSoft Limited effective November 25, 2023.) All rights reserved.

Registered Office EnigmaSoft Limited: 1 Castle Street, 3rd Floor, Dublin 2 D02 XD82, Ireland.
EnigmaSoft Limited, Private Company Limited by shares, Company Registration Number 597114.

Windows is a trademark of Microsoft, registered in the U.S. and other countries.
Mac, iPhone, iPad and App Store are trademarks of Apple Inc., registered in the U.S. and other countries.
iOS is a registered trademark of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
Android and Google Play are trademarks of Google LLC.