Exploit.in Data Breach Classification

Preface

Data breach classification is a part of BreachDirectory.

Data breach classification is made possible by using classifiers that can provide strong assumptions in regards to what’s going to happen next in the data breach world by looking at data.

Simply put, this classifier learns from data. The more data is provided, the more accurate the calculations get.

Classification – email addresses

The following table depicts the probability of email domain usage in the next data breach:

#Email DomainFrequencyPurpose / CountryProbability of the email domain being included in the next data breach
1.com390,764,619Commercial / United States‭52.638%
2.ru203,283,285Russia27.383%
3.de47,206,838Germany6.359%
4.fr26,092,163France3.515%
5.net20,099,487Network Infrastructure2.708%
6.it12,471,385Italy1.680%
7.uk12,171,065United Kingdom1.640%
8.pl6,574,020Poland0.885%
9.cz4,367,424Czech Republic0.588%
10.es2,402,534Spain0.324%
11.ua2,230,253Ukraine0.300%
12.in1,984,241India0.267%
13.ca1,323,750Canada0.178%
14.br1,026,632Brazil0.138%
15.hu985,678Hungary0.133%
16.nl919,529The Netherlands0.124%
17.by721,069Belarus0.097%
18.at657,410Austria0.090%
19.mx594,053Mexico0.080%
20.bg587,733Bulgaria0.079%
21.sk531,944Slovakia0.072%
22.be494,773Belgium0.067%
23.ch393,937Switzerland0.053%
24.jp387,647Japan0.052%
25.gr373,066Greece0.050%
26.pt350,828Portugal0.047%
27.my338,588Malaysia0.046%
28.lv314,852Latvia0.042%
29.se294,974Sweden0.040%
30.au256,217Australia0.035%
31.dk231,435Denmark0.031%
32.cn222,233China0.030%
33.fm196,084Radio Station0.026%
34.eu183,747European Union0.025%
35.mil139,125Military0.019%
36.za124,452South Africa0.017%
37.nz123,817New Zealand0.017%
38.no123,090Norway0.017%
39.ie97,414Ireland0.013%
40.coid93,451Indonesia0.013%
41.co91,313Colombia0.012%
42.hr77,714Croatia0.010%
43.ee77,239Estonia0.010%
44.kr73,829South Korea0.010%
45.lt72,849Lithuania0.010%
46.ry53,592Unknown0.007%
47.il52,782Israel0.007%
48.th50,560Thailand0.007%
49.cl46,701Chile0.006%
50.edu29,023Education0.004%

We can see that email domain TLDs originating from the United States, Russia, Germany and France have the highest chance of being included in the next data breach. If we combine all of the entries originating from those five countries, we would get 679,818,290 records which would consume 84.76% of the entire Exploit.in user base.

Classification – passwords

#PasswordFrequencyProbability of the password being included in the next data breach
19,394,97316.789%
21234565,021,1508.973%
31234567891,846,7443.300%
4qwerty1,348,2582.409%
5password1,013,3041.811%
6823,7411.472%
712345678762,5901.363%
8abc123761,5581.361%
9111111717,5371.282%
10password1689,4591.232%
111234567663,9521.186%
121234567890635,6811.136%
13123123577,0441.031%
1412345571,0521.020%
15000000512,9490.917%
161q2w3e4r5t502,2130.897%
17iloveyou420,8940.752%
18qwertyuiop358,7040.641%
191234333,8710.597%
20dragon300,3400.537%
21monkey298,3950.533%
22123456a257,9890.461%
23123321255,6270.457%
241qaz2wsx244,6520.437%
25654321230,3370.412%
26666666229,4910.410%
27123qwe227,0360.406%
28myspace1211,3320.378%
29target123205,9300.368%
30tinkle205,4190.367%
31121212205,2960.367%
321q2w3e4r203,9260.364%
337777777203,1850.363%
341g2w3e4r201,3710.360%
35gwerty201,2690.360%
36zag12wsx201,0620.359%
37gwerty123200,9690.359%
38qwe123194,0530.347%
39zxcvbnm187,1420.334%
40qwerty123175,9650.314%
411q2w3e172,0740.307%
42qazwsx170,2800.304%
43123169,7700.303%
44222222167,0090.298%
45555555166,1350.297%
46123abc162,9710.291%
47asdfghjkl159,9260.286%
48987654321156,9940.281%
49a123456152,7320.273%
50qwerty1151,3230.270%

We can see that passwords that are empty would have the highest chance of being included in the next data breach – such passwords consume 18.261% of Exploit.in’s entire user base which would be around 146,462,503 records – we could guess that these passwords got “lost in encoding” or contained some unknown characters.

Including the “empty” passwords, the top 5 passwords that could be used in the next data breach include 18,624,429 passwords which would consume around 2.32% of the entire Exploit.in’s user base.

Summary

The Exploit.in data breach compilation is one of the largest data breach compilations ever – it is compiled of many data breaches into information systems. The classifier shows that users coming from western part of Europe have the highest chance to also have their data stolen in the upcoming data breaches – the classifier also shows that users who use passwords like “” (though this may be an encoding problem) and “123456” also have pretty high chances of their identities being stolen in the upcoming data breaches.

Nirium

Share
Published by
Nirium

Recent Posts

Schneider Electric: JIRA Server Breached

There have been rumors about a data breach targeting Schneider Electric. Did a data breach…

6 days ago

The Makers of Fiskars Scissors Got Breached: What’s Known

There have been rumors about the Fiskars Group – the company behind Fiskars scissors and…

6 days ago

Russia Fines Google for $20,000,000,000,000,000,000,000,000,000,000,000

Russia has fined Google more than two undecillion roubles because Google has refused to pay…

1 week ago

RockYou 2024.txt Looks Like a Binary File – Here’s Why

Why does RockYou 2024.txt look like a binary file when you open it up? Find…

1 week ago

Duolicious Data Leak: What You Need to Know

Duolicious is a dating app that connects people who are “chronically online.” Did the Duolicious…

2 weeks ago

What is RockYou 2024.txt and How Did RockYou 2024 Come to Be?

This blog will tell you what RockYou 2024 is, how RockYou 2024.txt came to be,…

2 weeks ago