MD Computers

We're seeing an uptick in breaches impacting smaller regional e-commerce sites, often revealing systemic security gaps. We discovered this particular incident while tracking a newly surfaced combolist containing credentials from various Indian online retailers. What stood out wasn't the volume of records, but the age of the breach and the continued use of weak hashing algorithms, highlighting the long tail of security debt plaguing many organizations.

MD Computers Breach: 16k Accounts Exposed Via Weak Hashing

In November 2017, MD Computers, an Indian computer hardware retailer, experienced a data breach that compromised 16,809 user accounts. This breach recently resurfaced in a publicly available combolist, drawing attention to the persistence of legacy vulnerabilities. The exposed data included email addresses and MD5 password hashes. The use of MD5, an outdated and cryptographically broken hashing algorithm, underscores the potential for attackers to easily crack passwords and gain unauthorized access to user accounts.

The breach was discovered when Darkwatch analysts identified credentials associated with mdcomputers.in within a large combolist circulating on underground forums. The age of the breach—dating back to 2017—raises concerns about the retailer's incident response capabilities and data retention policies. The continued use of MD5 hashing, despite well-documented security weaknesses, suggests a lack of proactive security measures.

This incident is a stark reminder that even smaller e-commerce platforms can be attractive targets for attackers. The ease with which MD5 hashes can be cracked means that a significant portion of the compromised passwords are likely now in the hands of malicious actors. This presents a risk not only to users of MD Computers, but also to any other online services where they may have reused the same credentials. The incident also highlights the importance of regular security audits and the prompt implementation of security patches and upgrades.

Key point: Total records exposed: 16,809

Key point: Types of data included: Email addresses, MD5 password hashes

Key point: Leak location(s): Combolists on underground forums

Key point: Date of first appearance: 13-Nov-2017 (breach date), recent resurfacing in combolists

The use of MD5 for password hashing has been discouraged for many years. Security experts have long warned about the vulnerabilities of MD5, and its use is a clear indication of inadequate security practices. For example, OWASP (Open Web Application Security Project) explicitly recommends against the use of MD5 for password storage, advocating for stronger algorithms like Argon2, bcrypt, or scrypt.

Email · Address · Password · Hash