- Breach date: 16 October 2024
- Date added to HIBP: 7 November 2024
- Compromised accounts: 420,961
- Compromised data: Email addresses, Usernames
- Breach date: 16 October 2024
- Date added to HIBP: 7 November 2024
- Compromised accounts: 420,961
- Compromised data: Email addresses, Usernames
Only usernames and email addresses were taken so nothing particularly valuable although if you’re subscribed to Earth 2 you’re probably a bit gullible, so maybe it is worth having a list of known idiots email addresses.
Oh yeah, that list is going to be an absolute goldmine for scammers.
And honestly, if crypto people had any self reflection at all, the fact that being overtly a crypto person makes scammers flock to them, because they have hard data showing, statistically, how gullible they are should really make them reconsider being crypto people.
Crypto is a revolutionary product because it enables users to possess their own units of account. With great freedom, comes great security concerns. Keep in mind, the vast majority of scams are still conducted with fiat currency. Blaming ignorant crypto users does not overshadow the value digital assets provide to humanity. These benefits include: protection from fiat debasement, the ability to transact without intermediaries, global accessibility, privacy, and transparency. We’re using the fediverse for fucks sake, so some of these features ought to be seen positively by many of us. You’re absolutely right that greedy and gullible are drawn to crypto because “line goes up.” There will always be a learning curve for new technology and hard lessons will be taught to early adopters.
By this reasoning, so is Monopoly money.
I should have clarified: the revolutionary part is that through the possession of data (private keys), users are able to lay claim to their units of cryptocurrency.
Monopoly money is issued by Hasbro (private institution), can be fairly easily counterfeited, has little to no acceptance outside the context of a board game, and there’s no upper limit to how much can be printed. On top of all that: there’s no cryptographic way to prove the validity of Monopoly money and it can’t be transferred across the planet as easily as sending an email.
Every single time anyone mentions crypto always some idiot comes out of the woodwork and starts to have an argument about the definition of fiat.
So let’s just say this right now and then move on shall we, If it’s currency it’s fiat, therefore crypto is also fiat
Fiat is government-issued currency with no underlying commodity and no upper limit. Crypto has no government backing and its issuance is determined by each cryptocurrency system (maintained by miner consensus). Some crypto has upper limits and others do not. I think having no supply limit is the distinction you’re trying to define as fiat.
It just means that it is a representation of some other wealth. Gold isn’t fiat because gold itself is the thing that has value, currency is fiat because it is a representation of value not in and of itself valuable.
All currency is by definition fiat because all currency is a representation of value. And the crypto Bros keep telling us that bitcoin and similar are currency so they are therefore fiat.
Value of anything only exists in the minds of humans. No value is inherent to anything. You’re absolutely correct that gold isn’t fiat. But gold could absolutely be used as currency. Its in circulation and used as a medium of exchange. You’re also right that crypto is a currency. But its not a fiat currency. Crypto and fiat are both mediums of exchange not backed by a commodity. The key distinction is that fiat also relies on trust from the issuing institution.
People commonly reuse the same usernames and passwords with an associated email. All that must be done is check breach data for matching email and username and then try the password from the list. You’ll likely find more than a few will be a match
You are correct that people commonly reuse passwords. People are stupid after all. But in this case passwords weren’t taken because they were encrypted, so all they’ve got is user names and email addresses.
From the sounds of it, the database was actually pretty secure the problem was the interface between the database and the website wasn’t. Good news is because the database was secure not a lot of sensitive information has been leaked.
The comment you are responding to had meant that a bad actor can cross check other breached datasets for the emails and usernames leaked from Earth2.
Since people reuse not just passwords but emails too, one may get access to other accounts of the impacted users, potentially even to accounts which have not been breached.
Yes I appreciate that but what I’m saying is that there isn’t really a reason to hack Earth 2 accounts.
Ostensively it is an upcoming game, It isn’t it’s just a crypto scam, that people have registered interest in but I don’t believe there’s anything they can actually do on the accounts yet. It’s essentially just pre-registration.
So really all that anyone has got out of this is a list of email addresses they could use for phishing. It’s not like they’ll get any new passwords out of it to hack on other services such as email providers or bank accounts
Looking at some of the news and discussion surrounding the game, it is clear that there are significant financial transactions involved.
The game is also four years old, well beyond the stage of mere interest checks.
It could be argued that the hack was carried out without a specific goal or knowledge of what data might be gained (as a display of hacking prowess, for instance). However, in this case, it’s clear why this particular game was targeted.
Whether or not the users “deserved” it is a separate discussion; one where I would agree with you. Many of the people involved may have been too trusting or gullible in their investments.