Facebook has been buying stolen passwords from the dark web in a bid to protect users. By purchasing stolen passwords off the black market, Facebook aims to increase its own security, as well as protect users who rely on one password for two or more accounts.
Amichai Shulman, founder and CTO of Imperva:
“Paying for stolen passwords only reinforces the criminal business model and further encourages hackers to steal passwords. Data from breaches is hot merchandise on both sides of the legitimacy fence, the security marketplace on one side and the dark market on the other. The ease of getting tons of stolen credentials, with the fact that users will always continue to reuse passwords simply because they are human is why hackers continue to profit from stolen credentials and why companies must take proper measures to protect user data.”