Following an international operation, the FBI has seized and shut down a website known as WeLeakInfo that bought private user data from over 10,000 data breaches. As a part of the operation, police in the Netherlands and Northern Ireland arrested two 22-year old believed to be linked to the site. In the meantime, the FBI, working in coordination with police forces in Europe, took down the area for the site and redirected it to a seizure notice.
WeLeakInfo claimed to have over 12 billion usernames and passwords siphoned from around 10,300 breaches at various companies and websites. It had organized that info into a simple searchable database, letting customers look up someone’s email address to find out what passwords, names, phone numbers, and IP addresses had been linked. The site provided access to all the data by way of subscriptions starting at as little as $2.
The site promoted itself as a legitimate way to perform security research, even though it provided phone numbers, IP addresses, and different personal info that is protected by law. If you want to obtain whether your username and password has been stolen, you can go to security expert Troy Hunt’s excellent haveibeenpawned.com site and get the information for free. As part of the operation, the FBI is asking people with any information about WeLeakInfo to file a complaint.