Your ISP Sold You Out: 14 Million Email Logins Leaked In Massive Hack
By 813 Staff
Industry analysts are weighing in after BleepingComputer (@BleepinComputer) reported, in the last 24 hours, a massive hack that leaked 14 million email logins.
Source: https://x.com/BleepinComputer/status/2071235985413648644
BleepingComputer (@BleepinComputer) reported on June 28 that a significant data breach has compromised up to 14.2 million email login credentials across six internet service providers. Internal documents from multiple cybersecurity firms, reviewed by this publication, indicate that the attackers gained access to authentication databases containing email addresses and hashed passwords, though the specific ISPs affected have not yet all come forward publicly. Engineers close to the investigation suggest the breach may have originated from a vulnerability in a third-party authentication service used by several smaller regional ISPs, rather than a direct compromise of each company’s core infrastructure.
The exposed data includes plain-text email addresses and cryptographically hashed passwords, but the hashing algorithms used vary by provider—some stronger than others. Security researchers are cautioning that weaker hash functions could allow attackers to crack passwords relatively quickly.
The rollout of breach notifications to affected customers has been anything but smooth. At least two of the six ISPs reportedly learned of the intrusion only after BleepingComputer’s initial inquiry, and internal communications show that some engineering teams are still scrambling to confirm whether their user databases were exfiltrated. One source familiar with the matter stated that the total number of unique email addresses could be lower than 14.2 million once duplicates across providers are removed, but the figure still represents a substantial attack surface for phishing and credential-stuffing campaigns.
Why this matters for subscribers of 813 Morning Brief: if you use an email address tied to a smaller ISP—particularly one that may not have enterprise-grade cybersecurity resources—your login credentials could now be circulating in cybercriminal forums. Many users reuse passwords across multiple services, meaning this breach could have ripple effects far beyond email access. Cybersecurity experts recommend enabling multi-factor authentication on all accounts immediately and checking whether your email appears in known breach databases.
What happens next is still unfolding. Law enforcement has been notified, and at least one ISP has confirmed it will offer free identity monitoring services. However, the full list of compromised ISPs has not been publicly released, and it remains unclear whether the attackers have attempted to monetize the data through ransomware or direct extortion. Engineers close to the project say a more detailed forensic report is expected within two weeks.

