Another “historic” hack and leak: 51 million iMesh accounts for sale

Email addresses and login credentials of some 51 million users of the recently defunct iMesh file sharing service are being sold online for 1 bitcoin.

The seller is “peace_of_mind,” the same one that has recently offered for sale user records stolen from VK, Tumblr and LinkedIn. Whether the seller is also responsible for the theft of the data is impossible to know for sure.

iMesh was extremely popular at one time (it was the third-largest music and video sharing service in the US in 2009), but its popularity has since declined, and it shuttered its door last month. So, it’s a bit difficult to verify whether the records offered for sale are genuine.

The Leaked Source team believes that the hack happend on or around September 22nd, 2013, as that’s the date on which the most recent accounts contained in the database were set up.

According to ZDNet, the company’s COO Roi Zemmer did not explicitly deny that the hack happened, but said that they are not aware of any hacks at the moment. He also did not confirm or deny that a sample of the database that was sent to him contained information that may have been stolen from the firm.

Apart from the email address, username and password, each leaked record contains an IP address, a Country location, and a join date.

Passwords, which were stored in multiple MD5 rounds with salting, were easily decrypted, and the “most used” list is depressingly familiar: “123456,” “password,” and “111111” are in the top ten.

According to the IP addresses and location info, nearly 14 million users were from the US, 3.9 milion from Turkey, 3,6 million from the UK, and the rest are strewn across the EU (mostly) and the rest of the world.

The email addresses of the users reveal that most were Hotmail, Yahoo, and Gmail users, and the join date revealed that 2011 was the year when 9,4 million new users joined, and only two years later that number has fallen to 2,5 million.