June 2, 2021

How do attackers get password dumps? (Not a tech support related question so not sure why you deleted it and referred me to something irrelevant)

Broad question – When a company is pwned and information is leaked.. How do other attackers get this info? Do they buy them, are they dumped somewhere for free, is there a central location?

Can anyone refer me to documentation or give me your own thoughts?

I’ve been in cybersecurity for a year now and am continuously trying to learn.



Howdy, I’m happy to discuss in depth, though usually we do this over modmail for the few that ask. :P

Your original (now-deleted) question was:

> “I just had someone try to phish me by telling me they have my password (which they did) that was pwned years ago. I know you can go into haveibeenpwned.com and see if any of your accounts have been compromised. But how do you think this specific hacker got my password?”

We stand by removing that and redirecting you to post on r/techsupport. It is a *personal support* question which members of that subreddit would be more than qualified to answer, and was removed under rule #3.

Phrasing your question more generally as you did now – “how is breached information shared” – has been manually approved (despite getting picked up in one of our filters), as it pertains generally to the cybersecurity field.

So, what gives? The key difference between the two is focus.

* In the former, you are looking for an answer which applies to you specifically. The community historically gets a lot of personal support questions (often north of 8/day), and these become frustrating to answer, as they can be quite repetitive and detract from the community’s focus on professional-centric content. This foments dissatisfaction, and complaints were raised by this community that resulted in additional moderators being pulled in to help (Ghawblin & I).
* In the latter, you are looking for a discussion on common practices by threat actors. This would help inform a broader audience, and includes a much wider scope of discussion points. Specifically, it reaches beyond how your personal password may have been breached or shared (a common support question), towards data sharing for ransoms and leaks – the latter is professionally relevant for many on this subreddit.

I hope this helps illustrate what we’re going for here, and I’m happy to take feedback on this comment or via [modmail](https://www.reddit.com/message/compose?to=/r/cybersecurity).

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: By filling this form and submitting your commen, you acknowledge, agree and comply with our terms of service. In addition you acknowledge that you are willingly sharing your email address with AiOWikis and you might receive notification emails from AiOWikis for comment notifications. AiOWiksi guarantees that your email address WILL NOT be used for advertisement or email marketting purposes.

This site uses Akismet to reduce spam. Learn how your comment data is processed.