Social networking platform Taringa! has confirmed a data breach that exposed nearly every record in its 28 million registered user base.
On 4 September, data breach notification LeakBase disclosed a hack where attackers allegedly stole the records for 28,722,877 registered users of Taringa!, a popular Latin American social media site. The Hacker News obtained a copy of that database. Through its own analysis, the information security news website confirmed the database contains usernames, email addresses, and passwords protected with the weak MD5 hashing algorithm. It also verified a portion of these account credentials by reaching out to some of the affected Taringa! users, who verified the authenticity of their passwords.
By exploiting numerous vulnerabilities in the MD5 hashing algorithm, the LeakBase team cracked 93.79 percent (nearly 27 million) of the leaked passwords in a matter of days.