Pwnd email5/1/2023 ![]() He then wrote a test script that sequentially visits profile URLs from IDs 1 to 5000 and said he was able to collect JSON data of the first 5000 Gravatar users with no issues. After Italian security researcher Carlo Di Dato was unable to get an answer from Gravatar, he demonstrated to the publication how one could access user data by using a numeric ID associated with each profile to fetch it. The tweet referenced a BleepingComputer article from October 2020 titled, “ Online avatar service Gravatar allows mass collection of user info,” which explains how the hashes were originally obtained. 114M of the MD5 email address hashes were subsequently cracked and distributed alongside names and usernames.“ It claims 72% of these email addresses were already logged with the service. ![]() ![]() Gravatar is fielding questions today after “Have I Been Pwned,” a data breech checker service, tweeted “ New scraped data: Gravatar had 167M profiles scraped in Oct last year via an enumeration vector. ![]()
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |