Exploit.in Data Breach Classification

Exploit.in Data Breach Classification

Preface

Data breach classification is a part of BreachDirectory.

Data breach classification is made possible by using classifiers that can provide strong assumptions in regards to what’s going to happen next in the data breach world by looking at data.

Simply put, this classifier learns from data. The more data is provided, the more accurate the calculations get.

Classification – email addresses

The following table depicts the probability of email domain usage in the next data breach:

#Email DomainFrequencyPurpose / CountryProbability of the email domain being included in the next data breach
1.com390,764,619Commercial / United States‭52.638%
2.ru203,283,285Russia27.383%
3.de47,206,838Germany6.359%
4.fr26,092,163France3.515%
5.net20,099,487Network Infrastructure2.708%
6.it12,471,385Italy1.680%
7.uk12,171,065United Kingdom1.640%
8.pl6,574,020Poland0.885%
9.cz4,367,424Czech Republic0.588%
10.es2,402,534Spain0.324%
11.ua2,230,253Ukraine0.300%
12.in1,984,241India0.267%
13.ca1,323,750Canada0.178%
14.br1,026,632Brazil0.138%
15.hu985,678Hungary0.133%
16.nl919,529The Netherlands0.124%
17.by721,069Belarus0.097%
18.at657,410Austria0.090%
19.mx594,053Mexico0.080%
20.bg587,733Bulgaria0.079%
21.sk531,944Slovakia0.072%
22.be494,773Belgium0.067%
23.ch393,937Switzerland0.053%
24.jp387,647Japan0.052%
25.gr373,066Greece0.050%
26.pt350,828Portugal0.047%
27.my338,588Malaysia0.046%
28.lv314,852Latvia0.042%
29.se294,974Sweden0.040%
30.au256,217Australia0.035%
31.dk231,435Denmark0.031%
32.cn222,233China0.030%
33.fm196,084Radio Station0.026%
34.eu183,747European Union0.025%
35.mil139,125Military0.019%
36.za124,452South Africa0.017%
37.nz123,817New Zealand0.017%
38.no123,090Norway0.017%
39.ie97,414Ireland0.013%
40.coid93,451Indonesia0.013%
41.co91,313Colombia0.012%
42.hr77,714Croatia0.010%
43.ee77,239Estonia0.010%
44.kr73,829South Korea0.010%
45.lt72,849Lithuania0.010%
46.ry53,592Unknown0.007%
47.il52,782Israel0.007%
48.th50,560Thailand0.007%
49.cl46,701Chile0.006%
50.edu29,023Education0.004%

We can see that email domain TLDs originating from the United States, Russia, Germany and France have the highest chance of being included in the next data breach. If we combine all of the entries originating from those five countries, we would get 679,818,290 records which would consume 84.76% of the entire Exploit.in user base.

Classification – passwords

#PasswordFrequencyProbability of the password being included in the next data breach
19,394,97316.789%
21234565,021,1508.973%
31234567891,846,7443.300%
4qwerty1,348,2582.409%
5password1,013,3041.811%
6823,7411.472%
712345678762,5901.363%
8abc123761,5581.361%
9111111717,5371.282%
10password1689,4591.232%
111234567663,9521.186%
121234567890635,6811.136%
13123123577,0441.031%
1412345571,0521.020%
15000000512,9490.917%
161q2w3e4r5t502,2130.897%
17iloveyou420,8940.752%
18qwertyuiop358,7040.641%
191234333,8710.597%
20dragon300,3400.537%
21monkey298,3950.533%
22123456a257,9890.461%
23123321255,6270.457%
241qaz2wsx244,6520.437%
25654321230,3370.412%
26666666229,4910.410%
27123qwe227,0360.406%
28myspace1211,3320.378%
29target123205,9300.368%
30tinkle205,4190.367%
31121212205,2960.367%
321q2w3e4r203,9260.364%
337777777203,1850.363%
341g2w3e4r201,3710.360%
35gwerty201,2690.360%
36zag12wsx201,0620.359%
37gwerty123200,9690.359%
38qwe123194,0530.347%
39zxcvbnm187,1420.334%
40qwerty123175,9650.314%
411q2w3e172,0740.307%
42qazwsx170,2800.304%
43123169,7700.303%
44222222167,0090.298%
45555555166,1350.297%
46123abc162,9710.291%
47asdfghjkl159,9260.286%
48987654321156,9940.281%
49a123456152,7320.273%
50qwerty1151,3230.270%

We can see that passwords that are empty would have the highest chance of being included in the next data breach – such passwords consume 18.261% of Exploit.in’s entire user base which would be around 146,462,503 records – we could guess that these passwords got “lost in encoding” or contained some unknown characters.

Including the “empty” passwords, the top 5 passwords that could be used in the next data breach include 18,624,429 passwords which would consume around 2.32% of the entire Exploit.in’s user base.

Summary

The Exploit.in data breach compilation is one of the largest data breach compilations ever – it is compiled of many data breaches into information systems. The classifier shows that users coming from western part of Europe have the highest chance to also have their data stolen in the upcoming data breaches – the classifier also shows that users who use passwords like “” (though this may be an encoding problem) and “123456” also have pretty high chances of their identities being stolen in the upcoming data breaches.

Leave a Reply

Your email address will not be published. Required fields are marked *