Feds Seize WeLeakInfo.com for Selling Access to Stolen Data

The FBI has shut down a website that offered hackers easy access to 12 billion records stolen in thousands of data breaches.

On Thursday, the Justice Department announced it had seized the internet domain to WeLeakInfo.com, a site that was cataloging data taken from more than 10,300 data breaches at various companies and websites over the years.

Customers could pay as little as $2 to gain access to the massive trove of data, which was carefully indexed and searchable.

In return, subscribers could look up a person's email address to find out what previously leaked passwords, names, phone numbers, and IP addresses had been associated with it.

Because people often re-use the same passwords across various internet accounts, the WeLeakInfo.com site was a handy tool for hackers, who could use the same data to target a victim's email addresses.

According to the UK's National Crime Agency, the searchable records paved the way for cyber attacks in the UK, Germany, and the US.

Investigators also noticed links with hackers accessing WeLeakInfo.com and buying other hacking tools, including malware.

However, on Wednesday, police in Europe arrested two, 22-year-old suspects in Northern Ireland and the Netherlands, who made over £200,000 ($260,465) from the site.

"Criminals rely on the fact that people duplicate passwords on multiple sites and data breaches such as these create the opportunity for fraudsters to exploit that," said National Crime Agency investigating officer Andrew Shorrock in a statement.

"Password hygiene is therefore extremely important."

It isn't entirely clear how WeLeakInfo.com was obtaining the data breach records.

But hackers routinely sell, trade, and collect such information on dark web marketplaces and forums.

Federal investigators are calling on the public for any information on the owners and operators of WeLeakInfo.com by submitting a complaint to the FBI.

To protect yourself from account hijacking, it's best to use a unique, hard-to-guess password with each of your most valuable internet accounts and to activate two-factor authentication.

To help you remember your login credentials, use a password manager.

The FBI has shut down a website that offered hackers easy access to 12 billion records stolen in thousands of data breaches.

On Thursday, the Justice Department announced it had seized the internet domain to WeLeakInfo.com, a site that was cataloging data taken from more than 10,300 data breaches at various companies and websites over the years.

Customers could pay as little as $2 to gain access to the massive trove of data, which was carefully indexed and searchable.

In return, subscribers could look up a person's email address to find out what previously leaked passwords, names, phone numbers, and IP addresses had been associated with it.

Because people often re-use the same passwords across various internet accounts, the WeLeakInfo.com site was a handy tool for hackers, who could use the same data to target a victim's email addresses.

According to the UK's National Crime Agency, the searchable records paved the way for cyber attacks in the UK, Germany, and the US.

Investigators also noticed links with hackers accessing WeLeakInfo.com and buying other hacking tools, including malware.

However, on Wednesday, police in Europe arrested two, 22-year-old suspects in Northern Ireland and the Netherlands, who made over £200,000 ($260,465) from the site.

"Criminals rely on the fact that people duplicate passwords on multiple sites and data breaches such as these create the opportunity for fraudsters to exploit that," said National Crime Agency investigating officer Andrew Shorrock in a statement.

"Password hygiene is therefore extremely important."

It isn't entirely clear how WeLeakInfo.com was obtaining the data breach records.

But hackers routinely sell, trade, and collect such information on dark web marketplaces and forums.

Federal investigators are calling on the public for any information on the owners and operators of WeLeakInfo.com by submitting a complaint to the FBI.

To protect yourself from account hijacking, it's best to use a unique, hard-to-guess password with each of your most valuable internet accounts and to activate two-factor authentication.

To help you remember your login credentials, use a password manager.