millions of accounts from Dueling Network , a now-defunct Flash game based on the Yu-Gi-Oh trading card game . Although Dueling Network itself shut down in 2016 in response to a cease-and-desist order , the site 's forum continued running until recently . The message currently displayed on the Dueling Network forum . `` Only our forum site was still up as a way for our users to communicate with each other ( login used DN [ Dueling Network ] credentials ) . Now that is down and warns users to change passwords on any other sites they may have used the same password on , '' Black Luster Soldier , a Dueling Network administrator , told Motherboard in an email . The hacker appears to have stolenAttack.Databreachat least 6.5 million accounts , although Black Luster Soldier cautioned that not all of those necessarily correspond to individual players . `` At the moment , the claim that information has been breachedAttack.Databreachfor 6.5 DN million accounts appears to be accurate . Note that many accounts are duplicates owned by the same user or were never actually logged in , so this number is inflated , '' they said . The data includes user email addresses and passwords hashed with the notoriously weak MD5 algorithm , meaning hackers will likely be able to obtainAttack.Databreacha number of users ' plaintext passwords as well . Paid breach notification service LeakBase provided Motherboard with a small sample of accounts for verification purposes . Motherboard attempted to contact over 50 alleged victims , but has not received a reply at the time of writing . Black Luster Soldier 's working theory is that the hacker used a vulnerability in MySQL to obtainAttack.Databreachthe data . The lesson : As Black Luster Soldier advised , users should change their passwords on any other services with the same credentials as Dueling Network . Even if data from the breached site is n't all that valuable in and of itself , if someone has used the same password on another site , hackers can easily try to access other more serious accounts too
Allrecipes , the self-described `` food-focused social network '' , has sent an email out to some of its users warning that their email addresses and passwords may have been interceptedAttack.Databreachby an unknown third-party . In the email , the site warns that users who registered an allrecipes.com account or logged on as a registered member of the site prior to June 2013 ( yes , that 's almost four years ago ) , may have had their email address and password stolenAttack.Databreach. Part of the email reads as follows : We recently determined that the email address and password typed into allrecipes.com by members when they created or logged into their accounts prior to June 2013 may have been interceptedAttack.Databreachby an unauthorized third party . Based on information available to us , we can not determine with certainty who did this or how this occurred . Our best analysis is that email addresses and allrecipes.com passwords were interceptedAttack.Databreachduring account registration or login by our members . To its credit , the site has advised affected users to change their Allrecipes password , and ensure that they are not using the same password anywhere else on the net : Out of an abundance of caution , we recommend that all members who registered or logged into allrecipes.com prior to June 2013 promptly change their password . We are taking other steps as well and will continue to work diligently to deter unauthorized activity . You should promptly change your password on allrecipes.com and on any other sites for which you use the same username and password . From what I have seen , Allrecipes has only mentioned the breach when asked direct questions about it via Twitter . How hard would it have been to post a link to an advisory on the front page of its website , and tweet out a link to it ? . Clearly plenty of questions remain about how this security breach might have happened , and Allrecipes ' response to it . But at the very least I would have been pleased to see them be more transparent with their users . The data breachAttack.Databreachhas , understandably , left an unpleasant taste in the mouths of affected users - some of whom turned to Twitter to express themselves . That Twitter user is correct . It 's not just a problem that their password has been exposedAttack.Databreach. Passwords , after all , can be changed fairly easily and if you 're only using it one place than the risks are , at least , reduced . Most users , however , only have one email address and are n't keen to change them that often . A hacker who has stolenAttack.Databreachyour email address and password may not only attempt to use those credentials to unlock other online accounts you own , but might also monetise their theft by launching spam or phishing attacks against your inbox .
Attributing hacking attacks to the correct perpetrators is notoriously difficult . Even the U.S. government , for all its technical resources and expertise , took warranted criticism for trying to pin a high-profile 2014 cyberattack on North Korea , and more recently faced skepticism when it blamed Russia for hacks against top Democrats during the 2016 election . In those cases , government officials said they based their attribution in part on software tools the hackers employed , which had been used in other cyberattacks linked to North Korea and Russia . But that sort of evidence is not conclusive ; hackers have been known to intentionally use or leave behind software and other distinctive material linked to other groups as part of so-called false flag operations intended to falsely implicate other parties . Researchers at Russian digital security firm Kaspersky Lab have documented such cases . On Tuesday , WikiLeaks published a large cache of CIA documents that it said showed the agency had equipped itself to run its own false-flag hacking operations . The documents describe an internal CIA group called UMBRAGE that WikiLeaks said was stealingAttack.Databreachthe techniques of other nation-state hackers to trick forensic investigators into falsely attributing CIA attacks to those actors . According to WikiLeaks , among those from whom the CIA has stolenAttack.Databreachtechniques is the Russian Federation , suggesting the CIA is conducting attacks to intentionally mislead investigators into attributing them to Vladimir Putin . “ With UMBRAGE and related projects , the CIA can not only increase its total number of attack types , but also misdirect attribution by leaving behind the ‘ fingerprints ’ of the groups that the attack techniques were stolenAttack.Databreachfrom , ” WikiLeaks writes in a summary of its CIA document dump . It ’ s a claim that seems intended to shed doubt on the U.S. government ’ s attribution of Russia in the DNC hack ; the Russian Federation was the only nation specifically named by WikiLeaks as a potential victim of misdirected attribution . It ’ s also a claim that some media outlets have accepted and repeated without question . “ WikiLeaks said there ’ s an entire department within the CIA whose job it is to ‘ misdirect attribution by leaving behind the fingerprints ’ of others , such as hackers in Russia , ” CNN reported without caveats . It would be possible to leave such fingerprints if the CIA were reusing unique source code written by other actors to intentionally implicate them in CIA hacks , but the published CIA documents don ’ t say this . Instead , they indicate the UMBRAGE group is doing something much less nefarious . They say UMBRAGE is borrowing hacking “ techniques ” developed or used by other actors to use in CIA hacking projects . This is intended to save the CIA time and energy by copying methods already proven successful .