Finnish travel service hacked; thousands of users’ passwords and e-mail addresses exposed
Another hack in Finland. A message on the home page of travel site Napsu.fi confirms that they were hacked on December 3 and that a list of registered users, usernames, email addresses and plain-text passwords were leaked. The firm is asking all registered users to change their passwords.
From what I’ve seen so far, 11,976 usernames e-mail addresses and plain-text passwords have been dumped on the Internet by an unidentified hacker presumably associated with AnonFinland, although a number of media sources indicate that the number of accounts involved is over 16,000 out of the sites 20,000 registered users. A second data dump has apparently been removed already.
It’s not clear to me whether the passwords had been encrypted and decrypted by the hacker(s) before leaking or if they were stored in plain-text, although from some shaky translations, it may be the former.