Russian hackers have stolen 1.2 billion passwords
A group of Russian hackers are being credited with amassing the largest know collection of stolen usernames, passwords, and email addresses in the history of the internet. According to security researchers, over 420,000 websites have been compromised by the hackers.
The massive stockpile of stolen information was identified by security research firm Hold Security, the same firm which brought the Adobe Systems hack to light last year. The firm claims that even some websites for Fortune 500 companies were stolen.
As of yet, the exact identities of the websites that have been hacked have not been revealed, as Hold Security is bound by non-disclosure agreements as well as a reluctance to respond vulnerabilities which have yet to be patched.
“They didn’t just target large companies; instead, they targeted every site that their victims visited,” Hold Security said in its report. “With hundreds of thousands of sites affected, the list includes many leaders in virtually all industries across the world, as well as a multitude of small or even personal websites.”
The hackers managed to acquire over 1.2 billion username and password combinations, as well as over half a billion email addresses, although he firm claims that the actual number of stolen records could be close to 4.5 billion. Hold Security was able to uncover the extent of the exploits thanks to contacts within the group that was responsible.
Less than a dozen hackers were involved in amassing the stolen data, all of which were using servers that were based in Russia. It’s also possible that the hacking group was partnering with another, as of yet, unidentified group of hackers.
Read more about the story at Politico.