4 Million Quidd

Recently, near about 4 million Quidd users’ credentials were stolen and shared on the hacking forum that is publicly accessible. Now, if you don’t know about Quidd then let me clarify that it’s an online marketplace for stickers, cards, toys, and other collectibles.

Basically, this portal was hacked in 2019, resulting in data leaks of 3,954,416 credentials. All these data include Quidd’s usernames, email addresses, and passwords from hacked accounts. Moreover, the hacker who is behind this leak or hack is known as “Protag”.

As a forum user, under the username, “Protag” has posted a copy of Quidd’s data, which is publicly accessible on the hacker forum last month, and just after the incident, other members of the forum have since begun to exchange information. 

Moreover, the first announcements of the sale of stolen data appeared in small and tight criminal circles back in October 2019.

However, later, the data once again resurfaced on March 29, 2020, when it was reuploaded by another user and has since remained accessible on the portal. Basically, in the field of cybercrime, there are numerous groups and entities, and each of them plays a different role.

While apart from all these things, let me tell you one thing that this data breach comprises more than thousands of professional email addresses related to:-

  • AIG
  • Experian
  • Target
  • Microsoft
  • Accenture
  • Virgin Media
  • Tutanota
  • University of Pennsylvania

The leak was first reported by a security expert from the well-known security portal, Risk-Based Security, who, after the initial analysis, has confirmed the authenticity of the data.

But, if you don’t know, then let me clarify that reversing encrypted passwords in their hidden form is extremely difficult and requires much time and support. Even though the passwords were stored in an encrypted form, but still, the attackers have already begun work on decrypting them.

And not only that, even one of them has already put up for sale access to more than 135 thousand hacked passwords, and the other to more than one million, isn’t it crazy.

However, the well-known online marketplace Quidd has not previously reported any security breach, and it is unclear whether the company knows about the hack or not.

Hence, we strongly recommend each and every Quidd users to change their passwords immediately simply to secure their respective accounts.

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.