Cybercriminals have reportedly listed one million decrypted Yahoo and Gmail accounts for sale on the Dark Web.
Samples of the data reveals the email addresses, usernames and passwords stored in plain text and can be bought for less than $100.
The accounts have allegedly been put up for sale by user SunTzu583, who claims to be selling 100,000 Yahoo accounts from the hack of Last.fm in 2012 for just 0.0079 bitcoins, approx $10.75.
In addition, 145,000 Yahoo accounts dating back to the 2013 hack of Adobe are also on sale for 0.0102 bitcoins ($13.02).
According to HackRead, SunTzu583 is also selling 500,000 Gmail accounts which reportedly date back to hacks on MySpace, Tumblr and a 2014 hack of a Bitcoin forum.
These accounts are on sale for 0.0219 bitcoins ($28.08), while the same vendor also claims to have 450,000 other Gmail accounts from data breaches at DropBox, Adobe and elsewhere that occurred between 2010 to 2016 for sale for 0.0199 bitcoins ($25.02)
While the data is yet to be independently verified, it is recommended that if your account was compromised in any of the hacks mentioned above then you should update your password. You should also update your password if you are likely to have used it across multiple online accounts.
It has become increasingly common for hackers to sell data stolen during cyber attacks on the underground online market place known as the Dark Web.
The Dark Web is a network of underground websites hidden from search engines that is often used by criminals for illegal activity.
As well as stolen data, items found the be traded on the Dark Web include weapons, drugs and indecent images.
However, as well as its links to criminal activity, it can also be used as a tool to help protect anonymity, allowing whistleblowers to upload classified or sensitive information online.
