Wednesday 31 May 2023, Poradnik bezpieczeństwa

Leak of several million Polish logins and passwords.


This week, about 6 million entries were published on the Tor forum called Cebulka, which were supposed to contain Polish users' login details for the most popular portals.

How were the passwords stolen? There is a probability that they were downloaded from users by means of malware, so-called "stealer". Once infected, it downloads all the passwords on the victim's computer and sends them to the creators. Additionally, it is quite likely that the database is very up to date. It can be concluded that it has data even from 2023, and the number of victims is estimated at over 100,000 victims.

Example domains and number of items: 119 334 88 282 44 385 28 747 12 056 10 761 2672 10 140 1227

Some time ago, there was a bank customer data leak. As a consequence, banks blocked the possibility of paying by card for a limited period of time. It is possible that these events are related.