Two popular piracy forums, Xbox360ISO.com and PSPISO.com, were hacked in 2015. Late this weekend, the user data of those affected were leaked on the Internet. In an age where the PS4, Xbox One, and PS Vita are tougher to crack, it might seem trivial. But for their time, the Xbox 360 and PSP were popular for the ability to modify them to play pirated games.
This leak has reportedly resulted in the data of 2.5 million users being compromised. Details such as usernames, passwords, email addresses, and IP addresses can be easily ascertained. Reason being, both sites used the MD5 hashing system which is simple to overcome.
What this also means is, if you’ve used the same login credentials on other sites, you may want to change your details at the earliest. Details about the number of users hacked have been chronicled on security expert Troy Hunt’s Have I Been Pwned website, which tracks breaches and claims that 1,296,959 Xbox 360 ISO accounts and 1,274,070 PSP ISO accounts were compromised.
"Often people using seemingly low-security websites don't enforce good password security because it's not a financial target," said Mark James, IT security specialist at ESET to CNET, "But all data has a value and will be reused for other purposes. Every website should be treated as unique and require different passwords with a mix of usernames if possible."
"Breach after breach has shown that using the same username and password for multiple sites is a bad idea," said security expert Jonathan Sander of Lieberman Software. "If the Xbox and PSP crew haven't learned that they can't use the same email and password on every service by now, then likely it is game over for their personal data."