Researchers have uncovered a jaw-dropping (and deeply disturbing) database containing 2 million stolen login credentials -- both usernames and passwords -- associated with Facebook, Twitter, Google, Yahoo, LinkedIn, and other online services.
Even more troubling, many of the victims had the worst passwords ever, such as "123456" and "password." (Seriously, people?)
Here's what happened, why it happened, and how you can prevent it from happening to you:
A botnet called "Pony" collected sensitive information from users in as many as 102 countries, with folks in the Netherlands being targeted the most, reports CNET.
Though details are still emerging on how exactly it stole the 2 million passwords, security company Trustwave believes people's computers were attacked by hackers using malware to scrape information directly from their Web browsers.
Version 1.9 of the botnet is keylogging malware that captures the passwords and login credentials of infected users when they access applications and Internet sites.
Poor Password Habits Revealed
The investigation also uncovered users' incredibly atrocious password habits. According to CNET, "the most common passwords were '123456,' '123456789,' '1234,' and the word 'password.'" Sadly, that's not a joke.
Though many companies -- including Facebook, LinkedIn, and Twitter -- have reset affected users' passwords, consumers are cautioned to be proactive and create more secure passwords.
Tips for Stronger Passwords
To prevent your password from being cracked as easily as the "00000000" code to launch the United States' nuclear missiles, consider doing the following:
Remember, a password is only as secure as you make it. Sorry, but "12345" and "password" are simply not going to cut it.