Exploit.in Data Breach Classification

Preface

Data breach classification is a part of BreachDirectory.

Data breach classification relies on classifiers that examine existing breach data and make informed predictions about what future data breaches are likely to contain.

Simply put, the classifier learns from data: the more data it is given, the more accurate its estimates become.

Classification – email addresses

The following table depicts the probability of email domain usage in the next data breach:

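| # | Email Domain | Frequency | Purpose / Country | Probability of the email domain being included in the next data breach |
|---|---|---|---|---|
| 1 | .com | 390,764,619 | Commercial / United States | 52.638% |
| 2 | .ru | 203,283,285 | Russia | 27.383% |
| 3 | .de | 47,206,838 | Germany | 6.359% |
| 4 | .fr | 26,092,163 | France | 3.515% |
| 5 | .net | 20,099,487 | Network Infrastructure | 2.708% |
| 6 | .it | 12,471,385 | Italy | 1.680% |
| 7 | .uk | 12,171,065 | United Kingdom | 1.640% |
| 8 | .pl | 6,574,020 | Poland | 0.885% |
| 9 | .cz | 4,367,424 | Czech Republic | 0.588% |
| 10 | .es | 2,402,534 | Spain | 0.324% |
| 11 | .ua | 2,230,253 | Ukraine | 0.300% |
| 12 | .in | 1,984,241 | India | 0.267% |
| 13 | .ca | 1,323,750 | Canada | 0.178% |
| 14 | .br | 1,026,632 | Brazil | 0.138% |
| 15 | .hu | 985,678 | Hungary | 0.133% |
| 16 | .nl | 919,529 | The Netherlands | 0.124% |
| 17 | .by | 721,069 | Belarus | 0.097% |
| 18 | .at | 657,410 | Austria | 0.090% |
| 19 | .mx | 594,053 | Mexico | 0.080% |
| 20 | .bg | 587,733 | Bulgaria | 0.079% |
| 21 | .sk | 531,944 | Slovakia | 0.072% |
| 22 | .be | 494,773 | Belgium | 0.067% |
| 23 | .ch | 393,937 | Switzerland | 0.053% |
| 24 | .jp | 387,647 | Japan | 0.052% |
| 25 | .gr | 373,066 | Greece | 0.050% |
| 26 | .pt | 350,828 | Portugal | 0.047% |
| 27 | .my | 338,588 | Malaysia | 0.046% |
| 28 | .lv | 314,852 | Latvia | 0.042% |
| 29 | .se | 294,974 | Sweden | 0.040% |
| 30 | .au | 256,217 | Australia | 0.035% |
| 31 | .dk | 231,435 | Denmark | 0.031% |
| 32 | .cn | 222,233 | China | 0.030% |
| 33 | .fm | 196,084 | Radio Station | 0.026% |
| 34 | .eu | 183,747 | European Union | 0.025% |
| 35 | .mil | 139,125 | Military | 0.019% |
| 36 | .za | 124,452 | South Africa | 0.017% |
| 37 | .nz | 123,817 | New Zealand | 0.017% |
| 38 | .no | 123,090 | Norway | 0.017% |
| 39 | .ie | 97,414 | Ireland | 0.013% |
| 40 | .coid | 93,451 | Indonesia | 0.013% |
| 41 | .co | 91,313 | Colombia | 0.012% |
| 42 | .hr | 77,714 | Croatia | 0.010% |
| 43 | .ee | 77,239 | Estonia | 0.010% |
| 44 | .kr | 73,829 | South Korea | 0.010% |
| 45 | .lt | 72,849 | Lithuania | 0.010% |
| 46 | .ry | 53,592 | Unknown | 0.007% |
| 47 | .il | 52,782 | Israel | 0.007% |
| 48 | .th | 50,560 | Thailand | 0.007% |
| 49 | .cl | 46,701 | Chile | 0.006% |
| 50 | .edu | 29,023 | Education | 0.004% |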
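
The probability column reads like a relative frequency: a domain's count divided by the total number of addresses tallied. The post does not describe the classifier's internals, so the following is only a minimal sketch of that idea in Python, assuming a plain frequency estimate. The function name `tld_probabilities` and the sample addresses are hypothetical.

```python
from collections import Counter

def tld_probabilities(emails):
    """Return {tld: share}, where share is the TLD's relative frequency."""
    counts = Counter()
    for email in emails:
        # Domain is everything after the last "@".
        _, sep, domain = email.rpartition("@")
        if not sep or "." not in domain:
            continue  # skip malformed addresses
        label = domain.rsplit(".", 1)[-1].lower()
        if not label:
            continue  # skip domains ending in a dot
        counts["." + label] += 1
    total = sum(counts.values())
    if total == 0:
        return {}
    # most_common() keeps the output ordered from most to least frequent.
    return {tld: n / total for tld, n in counts.most_common()}

# Hypothetical sample, not real breach data.
sample = ["a@example.com", "b@example.com", "c@example.ru", "d@example.de"]
for tld, share in tld_probabilities(sample).items():
    print(f"{tld}\t{share:.3%}")
```

With more addresses in the input, the shares settle toward the distribution of the underlying data, which matches the remark that more data gives more accurate estimates.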

We can see that email addresses under TLDs associated with the United States, Russia, Germany, France and Italy have the highest chance of being included in the next data breach (.net ranks fifth overall but is not tied to a country). Combining the entries for those five countries gives 679,818,290 records, or 84.76% of the entire Exploit.in user base.
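
The combined figure can be checked against the table. The quick sketch below uses frequencies copied from the table. The total of 679,818,290 is reproduced by summing .com, .ru, .de, .fr and .it. The implied size of the whole compilation is derived here from the stated 84.76% and is not a number given in the post.

```python
# Frequencies copied from the email domain table.
freq = {
    ".com": 390_764_619,
    ".ru": 203_283_285,
    ".de": 47_206_838,
    ".fr": 26_092_163,
    ".it": 12_471_385,
}

combined = sum(freq.values())
print(f"{combined:,}")  # 679,818,290

# If those records are 84.76% of the compilation, the implied total
# is roughly 802 million records (derived, not stated in the post).
implied_total = combined / 0.8476
print(f"{implied_total:,.0f}")
```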

Classification – passwords

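| # | Password | Frequency | Probability of the password being included in the next data breach |
|---|---|---|---|
| 1 | (blank) | 9,394,973 | 16.789% |
| 2 | 123456 | 5,021,150 | 8.973% |
| 3 | 123456789 | 1,846,744 | 3.300% |
| 4 | qwerty | 1,348,258 | 2.409% |
| 5 | password | 1,013,304 | 1.811% |
| 6 | (blank) | 823,741 | 1.472% |
| 7 | 12345678 | 762,590 | 1.363% |
| 8 | abc123 | 761,558 | 1.361% |
| 9 | 111111 | 717,537 | 1.282% |
| 10 | password1 | 689,459 | 1.232% |
| 11 | 1234567 | 663,952 | 1.186% |
| 12 | 1234567890 | 635,681 | 1.136% |
| 13 | 123123 | 577,044 | 1.031% |
| 14 | 12345 | 571,052 | 1.020% |
| 15 | 000000 | 512,949 | 0.917% |
| 16 | 1q2w3e4r5t | 502,213 | 0.897% |
| 17 | iloveyou | 420,894 | 0.752% |
| 18 | qwertyuiop | 358,704 | 0.641% |
| 19 | 1234 | 333,871 | 0.597% |
| 20 | dragon | 300,340 | 0.537% |
| 21 | monkey | 298,395 | 0.533% |
| 22 | 123456a | 257,989 | 0.461% |
| 23 | 123321 | 255,627 | 0.457% |
| 24 | 1qaz2wsx | 244,652 | 0.437% |
| 25 | 654321 | 230,337 | 0.412% |
| 26 | 666666 | 229,491 | 0.410% |
| 27 | 123qwe | 227,036 | 0.406% |
| 28 | myspace1 | 211,332 | 0.378% |
| 29 | target123 | 205,930 | 0.368% |
| 30 | tinkle | 205,419 | 0.367% |
| 31 | 121212 | 205,296 | 0.367% |
| 32 | 1q2w3e4r | 203,926 | 0.364% |
| 33 | 7777777 | 203,185 | 0.363% |
| 34 | 1g2w3e4r | 201,371 | 0.360% |
| 35 | gwerty | 201,269 | 0.360% |
| 36 | zag12wsx | 201,062 | 0.359% |
| 37 | gwerty123 | 200,969 | 0.359% |
| 38 | qwe123 | 194,053 | 0.347% |
| 39 | zxcvbnm | 187,142 | 0.334% |
| 40 | qwerty123 | 175,965 | 0.314% |
| 41 | 1q2w3e | 172,074 | 0.307% |
| 42 | qazwsx | 170,280 | 0.304% |
| 43 | 123 | 169,770 | 0.303% |
| 44 | 222222 | 167,009 | 0.298% |
| 45 | 555555 | 166,135 | 0.297% |
| 46 | 123abc | 162,971 | 0.291% |
| 47 | asdfghjkl | 159,926 | 0.286% |
| 48 | 987654321 | 156,994 | 0.281% |
| 49 | a123456 | 152,732 | 0.273% |
| 50 | qwerty1 | 151,323 | 0.270% |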

We can see that blank passwords would have the highest chance of being included in the next data breach. The two blank entries in the table (rows 1 and 6) have a combined probability of 18.261% (16.789% + 1.472%); applied to Exploit.in’s entire user base, that would be around 146,462,503 records. We could guess that these passwords got “lost in encoding” or contained unknown characters.
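
One way such blank entries could arise, purely as an illustration: if a tallying script decodes passwords loosely, values made of whitespace, control characters or undecodable bytes can all render as nothing while still being counted under different keys. The sketch below assumes UTF-8 input. The helper `bucket_password` and the sample values are hypothetical and are not taken from the compilation or from BreachDirectory's tooling.

```python
from collections import Counter

def bucket_password(raw: bytes) -> str:
    """Decode a raw password and label values with no visible characters."""
    # errors="ignore" silently drops bytes that are not valid UTF-8.
    text = raw.decode("utf-8", errors="ignore")
    visible = "".join(ch for ch in text if ch.isprintable() and not ch.isspace())
    return text if visible else "(blank)"

# Hypothetical raw values, not real breach data.
raw_passwords = [b"", b" ", b"\xff\xfe", b"123456", b"\t", b"qwerty"]

# Naive tally: blank-looking values stay under separate keys.
naive = Counter(p.decode("utf-8", errors="ignore") for p in raw_passwords)
blank_looking_keys = [k for k in naive if not k.strip()]
print(len(blank_looking_keys))  # 3

# Bucketed tally: every blank-looking value lands under one label.
bucketed = Counter(bucket_password(p) for p in raw_passwords)
print(bucketed["(blank)"])  # 4
```

A naive tally of this kind would show several rows that all look empty, which is consistent with the encoding guess but does not confirm it.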

Including the blank password in first place, the top 5 passwords in the table account for 18,624,429 records, or around 2.32% of Exploit.in’s entire user base.
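
The top 5 figure can be reproduced from the table. In the sketch below, the size of the whole compilation is not stated in the post; it is assumed to be the roughly 802 million records implied by the earlier statement that 679,818,290 records make up 84.76% of the user base.

```python
# Top 5 rows of the password table ("(blank)" stands for the empty entry).
top5 = {
    "(blank)": 9_394_973,
    "123456": 5_021_150,
    "123456789": 1_846_744,
    "qwerty": 1_348_258,
    "password": 1_013_304,
}

total_top5 = sum(top5.values())
print(f"{total_top5:,}")  # 18,624,429

# Assumption: compilation size derived from "679,818,290 records = 84.76%".
assumed_total = 679_818_290 / 0.8476
share = total_top5 / assumed_total
print(f"{share:.2%}")  # 2.32%
```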

Summary

The Exploit.in compilation is one of the largest data breach compilations ever assembled; it combines records from many separate breaches of information systems. The classifier shows that users with .com and .ru email addresses, followed by users from Western European countries such as Germany, France and Italy, have the highest chance of having their data stolen in upcoming data breaches. It also shows that users with passwords like “” (though this may be an encoding problem) and “123456” have a fairly high chance of having their identities stolen in upcoming data breaches.

Published by Nirium
