LivingSocial Database Dump?

Probably not but interesting nonetheless… (update … confirmed fake … see Brian Krebs comment below)

The dump posted on April 27th by katographr to PasteBin appears to include user email addresses, SHA-1 160-bit hashes, and base64 encoded salts. The text below shows the beginning of the paste and the first three entries for the more than 4,000 accounts. I did a few searches on the hashes above just to see if they were pulled from another dump and didn’t come across any. Anyone try to crack any of these yet?

livingsocial.com 4K accounts selected randomly from a sample of
over 50M accounts
full dump: http://pastebin.com/gkB6LQZD
(email address)     1e7e7de494006873ef1b5f726f0c352e18c78e06
gksCIAlum9Vu2Svzdq27SEiQQ3KdSq1BCpt_Z_1qNSoC9qxaMMNAUg==
(email address)     f564bd31af7fe734973f9c3151bf0163bcdce405
mG20er4YPk4tEO3iDCZRc7o9UJNlHJECOfTUEgRcjS7jUCLMPb1h7g==
(email address)     a7f99404ccadb31ad76d28528eb5fb64805c3645
KKNFe1ck2UWzw6NjhzsGCEaBwLhVxNBXpkSXheoBKM2QW5oamCw-6A==

Following the link to “full dump” above asks for 1 BTC for the entire dump of 50K accounts.

livingsocial.com db dump with over 50M email/hashed password/
salt; get a private copy by sending 1BTC to
17seaSU3C37o6z8TRG2yjE4VgVCUoQ4fPa and email
[email protected] with your sending address
random sample of 4K records: http://pastebin.com/xhPHeF0B

 #####

Do you think this is the real thing? Let us know in the comments below. Today’s post pic is from PCAuthority.com.au. See ya!

10 comments for “LivingSocial Database Dump?

  1. April 28, 2013 at 3:20 pm

    LivingSocial Database Dump? https://t.co/3BqEZ5z0xt

  2. April 28, 2013 at 3:41 pm

    Hey Grecs,

    Those are all fakes. If you take a few of those emails listed and try to sign up for accounts using them at livingsocial, you’ll find very few of them if any already are tied to accounts there. It seems to be just a way to scam people who are desperate for the whole DB.

  3. April 28, 2013 at 4:04 pm

    Brian: Thanks… Figured as much.

  4. April 28, 2013 at 4:11 pm

    BLOGGED: LivingSocial Database Dump? http://t.co/L9TWfDIVjM

  5. April 28, 2013 at 5:53 pm

    Probably not but interesting nonetheless… (update … confirmed fake … see Brian Krebs comment below) The dump p… http://t.co/bVqIghA4hU

  6. April 28, 2013 at 9:31 pm

    No problem, Grecs. Also, I checked on that story from SecurityWeek that got slashdotted, and claimed that the LivingSocial database had been shared on Russian hacker forums. That may be true, although I could find no evidence of that on any of the forums I frequent (quite a few).

    More to the point, I reached out to Rapid7, which said the story conflated the company’s press release on the matter, which was comparing this breach to last year’s breach at LinkedIn, in which LinkedIn password hashes were in fact posted onto hacking forums. Rapid7 said it saw no indication this was the case with LivingSocial’s hashes.

  7. April 29, 2013 at 7:00 am

    LivingSocial Database Dump? – http://t.co/uW8jT0YM7H

  8. April 29, 2013 at 10:08 am

    Hey Grecs,

    Just because the email listed in the samples are not associated with any current Living Social account doesn’t imply that the dump is inherently false. Many people have reported receiving the breach notification mail from LivingSocial, even though they have never had an account there. It seems that much of the database was collected via acquisition, rather than being direct LivingSocial customers.

    Cheers,
    Rik

  9. April 29, 2013 at 2:31 pm

    Mmm? Interesting…

  10. July 23, 2018 at 3:20 am

    Do you really want to find out what your cheating spouse is hiding from you? The time is now because before i could contact this very hacker whom help me out on this i neglected his post and have been trying so many other hackers whom are just interested in collecting money from me. But i was very glad to have finally contacted “CYBER WIZARD” on his email “[email protected]” whom was so loyal,smart and intelligent.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.