According to a latest report, 272 million stolen credentials recovered from hacker. Alex Holden, founder and chief information security officer of Hold Security, exposed the data breach.
Hold Security, a Wisconsin-based security firm famous for obtaining troves of stolen data from the hacking underworld, announced that it had persuaded a fraudster to give them a database of 272m unique email addresses along with the passwords consumers use to log in to websites.
“50 rubles” is what the hacker wants for this incredibly large set of data. He can’t be serious; based on today’s exchange rate it is less than one US dollar. This greatly impacts the data’s credibility and value, similar to an expensive sports car being sold for pennies at auction.
“I am just getting rid of it but I won’t do it for free.” he replies. In all reality, 50 rubles is next to nothing, but we refuse to contribute even insignificant amounts to his cause. It is rather funny to negotiate over this, but finally the hacker just asks us to add likes/votes to his social media page (so much for anonymity).” said Hold security in their post.
Don’t blame the Mail.ru, Gmail, and Yahoo alone. These emails were most likely to be collected from different website. A website, less secured where people use their email addresses along with a password to login.
People who are using different password for different websites, are safe. People who use the same password everywhere, are most likely to be affected. If you are one of them, we recommend to update your password and chose a different one.
Try this guide by Microsoft for strong password.
“Some people use one key for everything in their house.” Hold Security founder Alex Holden says. “Some people have a huge set of keys that they use for each door individually.”
Holden said, “There is no way for consumers to check if their emails were included in his firm’s latest find. In 2014, when his firm tried to set up such a service after obtaining a billion hacked login credentials, his site crashed.”
Hackers seems to be targeting Russian users. Around 57 million email addresses were from mail.ru the largest email provider in Russia. Mail.ru has 100 million active users per month. Around 40m of the addresses were Yahoo Mail, 33m Hotmail and 24m for Google’s Gmail service.
The hacker, who apparently is quite young, agreed. “We kind of call him the collector,” Holden says in a heavy Russian accent. “Eventually, almost everyone gets breached.”