Hacker

Russian hackers steal 1.2bn Web credentials

Life
(Source: Stockfresh)

6 August 2014

Criminals in Russia have amassed a huge database of 1.2 billion stolen user names and passwords and half a billion e-mail addresses, according to a report in the NEw York Times.

The data, believed to be the single biggest horde of stolen Internet identity information ever collected, was garnered from attacks that reached into every corner of the Web and hit around 420,000 sites, said security company Hold Security.

“Before, we were amazed when 10,000 passwords [went] missing. Now we’re in the age of mass production of stolen information,” Alex Holden, the company’s founder and chief information security officer, told IDG News Service.

Hold Security didn’t identify the websites that were breached, citing confidentiality agreements with clients, but it said they include household names as well as small websites.

The New York Times, which first reported the story, said it hired an independent security expert who verified that the stolen data is authentic.

The sheer scale of the database appears to dwarf similar discoveries in the past. By comparison, the recent theft from Target affected 40 million credit and debit card numbers and 70 million personal records.

New level
That was one of the largest breaches of all time, but the activities of the Russian gang take identity theft to a new level.

“These guys did nothing new or innovative,” said Holden. “They just did it better and on a mass level so it affects absolutely everybody.”

The group behind the attack appears to be based in south central Russia, Holden told The New York Times. He said they didn’t appear to have government links and were a group of around a dozen people in their 20s. With servers based in Russia, the group expanded its activities earlier this year, probably after partnering with a larger organisation, he told the newspaper.

Hold Security named the gang CyberVor, after the Russian word ‘vor,’ meaning thief.

Read More:


Back to Top ↑

TechCentral.ie