Gamigo hacked, 11 million passwords online
8 million email addresses also stolen and shared
Half a giga-byte of hacked user data from German MMO site Gamigo has been posted online, including as many as 11 million passwords and 8.2 million email addresses.
The data was posted on the InsidePro forum on July 6 as a list of email addresses and passwords containing cryptographic hashes. It's believed to have been accessed in March, but not revealed until now.
"It's the largest leak I've ever actually seen," internet security expert Steve Thomas of PwnedList told Forbes.
"When this breach originally happened, the data wasn't released, so it wasn't a big concern. Now eight million email addresses and passwords have been online, live data for any hacker to see."
Thomas examined the data and found company email addresses for IBM, Allianz, Siemens, Deutsche Bank, and ExxonMobil.
In March Gamigo reset all passwords for its games and accounts after an attack on its database, which should minimise the effects of the leak.
"We cannot rule out that the intruder(s) is/are still in possession of additional personal data, although to date we have received no report of any fraudulent use," it warned users at the time.