12 February 21, 16:09
Quote:Researchers say they found several stolen and leaked credentials for a Florida water-treatment plant, which was hacked last week.
Researchers at CyberNews said they found 11 credential pairs linked to the Oldsmar water plant, in a 2017 compilation of stolen breach credentials. Meanwhile, they also found 13 credential pairs in the more recent “compilation of many breaches”– COMB for short — that occurred just days before the attack.
This collection was leaked on the RaidForums English-language cybercrime community on Feb. 2 and contains a staggering 3.27 billion unique combinations of cleartext email addresses and passwords in an aggregate database.
Of note, officials have not publicly drawn any connection between the credentials discovered in the leaked credential breach databases and the attack last week.
The attack on the Oldsmar water-treatment facility in Florida occurred last Friday, when an attacker used remote access to the system to change the level of sodium hydroxide, more commonly known as lye, in the water from 100 parts per million to 11,100 parts per million.
The change was immediately detected by a plant operator, who changed the levels back before the attack had any impact on the system.
Read more: https://threatpost.com/florida-water-pla...ch/163919/