Connexion Email Account Dump Includes Military and Government Accounts

16,959 e-mail accounts have been dumped to MediaFire recently, ZeroPaid has learned. The 1.18MB text file was uploaded by Connexion Hack Team. The file contains government and military e-mail accounts and passwords. ZeroPaid has also learned that many popular e-mail providers are also seen in the list of accounts compromised.

Note: This is an article I wrote that was published elsewhere first. It has been republished here for archival purposes

Connexion has already dumped data from a California government website to pastebin and now they have made another data dump. A statement within the release contains the following:

Dear Internetz,

We are the Connexion Hack Team. We are here to say that we are releasing approx. 16,959 emails and passwords. These are random and do not ask which website they came from. If you want to see if your email is there press CTRL+F on Windows and search for your email. If it is, well to bad, pick another email from the list. If it isn’t then you are one lucky bastard.

We want everyone to know that we mean business here. Have fun!

There’s numerous government e-mails from pretty much all over the map. There’s e-mail accounts from the NSA, Virginia, the DHS, and others. We’ve removed the passwords, but these are the list the group dubbed “Important people”:

[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]

To some of these users credit, they did use a combination of letters, numbers and symbols, but those are only a select few. One did have a password “changeme” which the team commented, “mega lulz”.

In the next section, there was a list dubbed “more important people” Again, we’ve removed the passwords:

[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]

Again, to one persons credit, a combination of letters, numbers and symbols was used. The reason why this is good is because it is suppose to take exponentially longer to crack such a password when a combination of letters, numbers and symbols. I suspect these were obtained in another manner in this case.

The remaining e-mails and passwords are all over the map. The e-mails are in alphabetical order and, strangely, they end on the letter “s”. So anything after the letter “s” appears ot be safe for now (maybe an additional release will be made?). Domains that are found include Yahoo (lots), BellSouth, Gmail, MSN, Earthlink, Comcast, Sprint.Blackberry, vzpix, sbcglobal, Cox, Hotmail, Spartans.nsu (lots), Verizon, NSU, and AOL to name a few.

It’s very difficult to know for sure how these were obtained considering it’s just a random smattering of e-mails. No doubt, these accounts will appear elsewhere for those wondering if their account was compromised or, more easily, it can be downloaded on MediaFire while it’s still up.

Drew Wilson on Twitter: @icecube85 and Google+.