Two arrested for trying to sell 12 billion user names, passwords online

Two suspects aged 22 were arrested, one in the Netherlands and the other in Northern Ireland.
Two suspects aged 22 were arrested, one in the Netherlands and the other in Northern Ireland.PHOTO: REUTERS

THE HAGUE (AFP) - Police arrested two men in the Netherlands and Northern Ireland suspected of trying to sell some 12 billion stolen user names and passwords via an online website, Dutch police said on Friday (Jan 17).

A 22-year-old man was arrested in the eastern Dutch city of Arnhem when police raided his house on a tip-off by a Dutch cyber crime unit working with Britain's National Crime Agency, the FBI and the German police.

A second suspect, also aged 22, was arrested in Northern Ireland, Dutch police said in a statement.

During the raid in Arnhem police found professional equipment which made it possible to sell the suspects' offered services via the "We leak info" website, police said.

The Dutch suspect "is involved in the possession and offering hacked user names and passwords and played a facilitating role in regards to cyber crime," law agents added.

When searched by AFP on Friday, the website displayed a disclaimer saying: "This domain has been seized" by the FBI in conjunction with the other European law enforcement agencies.

Dutch police declined to give further information, saying the investigation was ongoing.

WeLeakInfo.com allegedly offered unlimited access to all information on its site for two dollars a day or 25 dollars a month, the NOS public broadcaster said.

The information was a collection of leaks and stolen passwords from popular websites and apps such as LinkedIn and MyFitnessPal.

"In theory, you could search hundreds or even thousands of leaked passwords to try and gain access to people's emails, their social media and other accounts," the NOS said.

Dutch and British police in 2018 led an operation in which they shut down a website linked to more than four million cyber attacks around the world.