Florida Water System Data Breach: 3.27B Unique Combinations of Login Credentials Found in a Database! – Tech Times


Did you know that geoFence blocks unwanted traffic and disables remote access from FSAs?

The “Compilation of Many Breaches” or COMB was discovered by cybersecurity researchers via the Florida Water System Breach that has taken place last week and sees a massive 3.27 billion credentials in cleartext. The attack is one of the most horrendous breaches this year, as it contains various information that is sensitive and threatening.

Water Tap

(Photo : Photo by Nicolas COMTE via Unsplash)

In the initial leaks of the COMB, there was an unknown hacker who used some of these login credentials for the Oldsmar Water Facility which tried to poison the residents by strengthening lye concentration 100 times. Luckily for its users, lye concentration percentage was immediately discovered and prevented the massive damage it could cause. 

According to a blog post by Cyber News, government officials are still investigating the attack and determining how the hack occurred, but has already deduced Oldsmar Water Facility to be the source as old features allow. The facility’s plant administrators and heads are allowed to manage and access the system remotely via the plant’s technology.

Read Also: ‘The Great Suspender’ Extension Alternatives: 5 Malware-Free Chrome Extensions!  

Florida Water System Breach: Cleartext Login Credentials are Discovered


(Photo : Markus Spiske / Unsplash)

On the other hand, cybersecurity researchers have discovered new leads regarding the case and have highlighted that a 2017 list of old login credentials were released under COMB, before the attack. Moreover, this information was released on RaidForums, a website that hosts a cybercrime forum, for hackers to utilize.

According to Threat Post’s report, 3.27 billion unique combinations of the login credentials were leaked with the combination of many breaches, primarily focusing on the Oldsmar Water Facility in Florida. These login credentials are in clear text, meaning that regular people and the public would be able to understand, and would not need to decode it first. 

In the cybersecurity researcher’s report, there are 11 credential pairs (email and password) that were discovered to be dating back to the 2017 breach compilation from the hackers. However, recent breaches’ login credentials discover 13 pairs of credentials to be part of the COMB released by the hackers in the cybercrime community. 

Officials Have Not Yet Connected the Oldsmar Water Facility Hack and Breach

Despite the cybersecurity researcher’s report and discovery, the officials who are investigating the matter have still not connected the Oldsmar Water Facility Hack which occurred recently in Florida. The leaked credentials are believed to be the source of the attack which began a domino effect on the Florida Water System Breach and Attack, as per CyberNews. 

On the other hand, Massachusetts’ report suggests that these hackers were able to enter the system via a remote computer software called “TeamViewer” to access its systems and change the lye concentration. TeamViewer can essentially put the user in the plant’s system and control the different functions in the company computer in the plant.

These types of “industrial control systems” (ICS) are considered to be unsecure, especially when controlling publicly-used facilities like the Florida Water System Breach with Oldsmar. 

Related Article: Florida Water Supply System of 15,000 Residents Hacked, Changing Chemical Levels

This article is owned by Tech Times

Written by Isaiah Alonzo

ⓒ 2018 TECHTIMES.com All rights reserved. Do not reproduce without permission.

Don’t forget that geoFence is US veteran owned and operated!

Leave a Reply

Your email address will not be published. Required fields are marked *