Russian Criminals Steal Over 1 Billion Passwords

It may sound surprising, but it is true: Russian criminals have stolen 1.2 billion Internet user names and passwords. The haul is billed as the largest collection of stolen digital credentials in history.

According to Hold Security, the firm that discovered the theft, the gang isn’t in the business of stealing bank account information. Instead, they make their money by sending out spam for bogus products like weight-loss pills.

The Milwaukee-based firm didn’t reveal the identities of the targeted websites, citing nondisclosure agreements and a desire to prevent existing vulnerabilities from being more widely exploited.

Hold Security officials said the trove includes credentials gathered from over 420,000 websites, both smaller sites and household names. The criminals didn’t breach any major email providers.

A credential pair consists of a user name — often an email address — plus a password. There are roughly half a billion email addresses in the gang’s collection, Hold Security says.

The officials further said that the gang makes its money by hacking into email and social accounts, posing as trusted friends and family, and advertising bogus products. That means that if you see strange messages being sent from your email or social media accounts, you might be among those affected.

The criminals began collecting user data a few years ago by simply buying it on the black market. Their stash has grown significantly this year thanks to their use of an automated program that trawls the Internet to find vulnerabilities on websites.

