Russian hacker gang amasses 'largest ever' database of online credentials
Fewer than a dozen hackers in their 20s amassed the data which includes passwords, emails and usernames - but no financial data
A group of Russian hackers have amassed the largest ever cache of stolen internet credentials, reportedly accumulating more than 1.2 billion user name and password combinations and more than 500 million email addresses.
News of the group’s efforts comes from US firm Hold Security, who were previously responsible for uncovering the Adobe Systems hack of some 38 million accounts last year.
Hold Security said the hackers, based in a small city in south-central Russia, took information from more than 420,000 websites.
“Hackers did not just target U.S. companies, they targeted any website they could get, ranging from Fortune 500 companies to very small websites,” Alex Holden, the founder and Hold Security told the New York Times. “And most of these sites are still vulnerable.”
The US firm has not disclosed the identity of any of the targets, but say that the Russian gang used an infected botnet to conduct “possibly the largest security audit ever”, probing hundreds of thousands of websites looking for weaknesses.
Although the stolen information does not include financial data such as credit card numbers, the sheer size and scope of the cache has been described as a threat to both consumers and companies.
The Times reports that so far little of the stolen data yet been put to use, and that those logins that have been exploited are mainly being used to send spam messages on social networks like Twitter.
Hold Security uncovered the existence of the stolen data after a 7 month investigation, identifying fewer than a dozen men in their 20s who make up the gang. The men know one another socially and reportedly divide their work “like a small company”.
Mr Holden said his firm had begun alerting affected companies but warned that many of the sites involved were still vulnerable. Experts have cautioned that although no financial data was stolen, the online credentials taken by the gang could be just as damaging in terms of identity theft.
Life & Style blogs
What happens to your body when you give up sugar?
Why you should never make assumptions about people with autism
The big fresh food con: Alarming truth behind the chocolate muffin that won't decay
Kate Moss: Previously unpublished nude photo revealed by Mert and Marcus
Holi: Festival of colours honoured with Google Doodle – here's what you need to know about the celebration
Nearly 100,000 of Britain's poorest children go hungry after parents' benefits are cut
Durham Free School: 'Creationism taught at' free school facing closure
End of the licence fee: BBC to back radical overhaul of how it is funded
Elif Shafak: Turkish author warns against rise of British nationalism
Ex-head of MI6: 'We shouldn't kid ourselves that Russia is on a path to democracy'
Most people think legal tax avoidance is just as wrong as illegal tax evasion, poll suggests
- 1 Tourist films plane's descent just metres above packed Caribbean beach
- 2 Indian woman creates 'Marriage CV' after parents put her on dating site: 'Definitely not marriage material. Won’t grow long hair, ever'
- 3 World Book Day: Boy 'excluded' from school after dressing up as Fifty Shades' Christian Grey
- 4 Bad Jews poster 'censored' on London Tube
- 5 Have sex with your iPad thanks to the new sex toy no-one asked for
iJobs Gadgets & Tech
£65000 per annum: Ashdown Group: Technical Presales Engineer - central London ...
£70000 - £80000 per annum: Ashdown Group: A long-established, technology rich ...
Negotiable: Recruitment Genius: This fast growing experience-led technology co...
£20000 per annum: Recruitment Genius: An opportunity has now arisen for a Sale...