Ontario man accused of selling user passwords
A Toronto-area man faces several criminal charges for allegedly peddling information from an online database containing 1.5 billion user names and passwords.
The arrest announced Monday by the RCMP provides a glimpse into the murky layers of the socalled dark web — the shadowy, underground corners of the internet — and highlights the perils of staying secure in cyberspace.
The Mounties accuse Jordan Evan Bloom of Thornhill, north of Toronto, of selling stolen personal identities through the site Leakedsource.com, which held three billion pieces of sensitive data.
Bloom, 27, is charged with offences including trafficking in identity information, unauthorized use of a computer, mischief with data and possession of property obtained by crime.
Bloom allegedly assembled the extensive database through the dark web, where he obtained personal information stolen by hackers from domains like networking site LinkedIn and extramarital affair hub ashleymadison.com, RCMP Staff Sgt. Maurizio Rosa said.
Bloom is alleged to have earned about $247,000 by selling data.
“Jordan Bloom essentially acted as a middleman between the dark web and the internet that most of us use every day,” Rosa said.
The police operation began in 2016 when the RCMP learned Leakedsource.com was hosted by servers in Quebec. The site has been shut down.
Rosa said it’s safe to say several Canadians were affected — he could not provide a precise number — and may still be at risk due to the information being available through various dark websites.
Canadians should know when they reuse passwords across different websites and for internetbased services, the password — if stolen — could be compromised on an ongoing basis, he said.