Mweb dsl account details hacked, usernames && password released

[Trowalts]

Oh shit fuck, excuse the language but the people at mweb screwed up big time!

A LONG list of mweb user details including passwords have been released, think about changing your isp perhaps? Although security on most of South Africa's websites are rather dodgy, except for the banks they're top notch (Excluding captitec, xss on home page, so lame...)

Released today:
http://seclists.org/fulldisclosure/2010/Oct/368

So who's account to take first...

 

[Senticall]

I am not amused :<

 

[Strategist01]

Lulz, epic, epic lulz. Hmm, I wonder if these would work on mah telkom router?...

 

[Maplassie]

Problem being this.

Once you take one of the accounts to use on your router, mweb can pick it up on your circuit number and thereby trace and prosecute

 

[sycogrim]

Yeh but plassie thats if the BDSL accounts allow you to use them on a Dynamic solution for one and secondly not every individual has a circuit line/Diginet Line, so it's not all that easy to trace really...

Oh and not forgetting that the majority of those BDSL accounts fall under static solutions.

 

[Gimaru]

Should I be concerned? Change my password perhaps

 

[DenSweeP]

Those are also only business accounts correct? So anyone with a normal home-use account is fine?

 

[sycogrim]

Those are also only business accounts correct? So anyone with a normal home-use account is fine?

From what I saw in that list, it looks to be a majority of Business ADSL Accounts, I havn't come across any private accounts....