MATARKA

The risks associated with plaintext passwords refuse to disappear. We continue to see breaches, even from seemingly niche platforms, exposing credentials stored in an unencrypted format. What really struck us about this particular breach wasn't the size of the exposed user base, but the continued use of such a fundamentally insecure practice. The data had been quietly circulating, but we noticed it resurface in recent combolists, suggesting ongoing exploitation of these credentials. This highlights the long tail of risk associated with poor security practices, even years after the initial breach.

MATARKA's 2018 Breach: 23k+ Credentials Exposed via Plaintext Passwords

In August 2018, MATARKA, a Hungarian bibliographic research tool, suffered a data breach that compromised approximately 33,000 records. This included over 23,000 unique email addresses and, critically, plaintext passwords. The breach was discovered after the data was posted on a well-known hacking forum. The use of plaintext passwords immediately caught our attention, as it represents a severe lapse in basic security protocols and significantly increases the risk of credential stuffing attacks against other platforms.

This breach matters to enterprises now because these older credentials are still actively traded and used in automated attacks. Threat actors compile massive combolists containing breached credentials from various sources, and then use these lists to attempt to log in to other online services. The reuse of passwords across multiple accounts means that even a relatively small breach like this can have a disproportionately large impact. It also highlights the importance of monitoring for compromised credentials associated with your organization's domain, regardless of where the breach originated.

Key point: Total records exposed: ~33,000

Key point: Unique email addresses: 23,470

Key point: Password storage: Plaintext

Key point: Leak location: Prominent hacking forum

Key point: Date leaked: 24-Aug-2018

Key point: Breach Type: Database, Combolist

The appearance of this data in combolists aligns with broader threat trends observed in the underground. As noted in numerous reports, credential stuffing remains a highly effective attack vector, and the availability of breached credentials fuels this activity. The persistence of plaintext passwords even in specialized platforms like MATARKA underscores the need for continuous security assessments and the adoption of robust password management practices.

Email · Address · Plaintext · Password