More than 300,000 user credentials were published on Pastebin over the past year, with an average leak containing 1,000 user credentials.
According to research by High-Tech Bridge, Pastebin is commonly used to share text online and is often used by programmers sharing software code, while administrators are often removing records containing stolen information as fast as they are put on the site.
Of what is posted on Pastebin, 40 per cent is email details – with 25 per cent of accounts Gmail and 22 per cent Yahoo Mail. 13 per cent of data posted is social network data and within that, 92 per cent related to Facebook.
Ilia Kolochenko, High-Tech Bridge CEO said: “300,000 compromised user accounts during the last twelve months is a huge number if we take into consideration that this amount of information is being stored just on one single legitimate website.
“Moreover, these 300,000 are just a small percentage of the stolen information posted publically by hackers. It’s impossible to make a precise estimate of how many user accounts were really compromised, but I think we can speak about several hundreds of millions at least. People finally need to understand that the Internet is very hostile place, while online service providers need to finally start taking network security seriously.”
Pastebin announced plans to hire more staff to help police “sensitive information” posted to the site. Pastebin said that it asks its members not to post password lists, source code or personal information and it received an average of 1,200 abuse reports a day via Pastebin’s on-site notification system and by email.