In what is one of the biggest data breaches in history, millions of
Gmail, Hotmail and Yahoo Mail accounts have been compromised with
usernames and passwords currently being sold in the Russian
criminal underworld.
According to Reuters, who spoke to Alex Holden, founder and
chief information security officer of Hold
Security, 272 million account details were stolen. The biggest
share of those accounts belongs to Russia's own Mail.ru email
service accounts at 57 million, but a large number also belong to
Gmail, Hotmail and Yahoo Mail users.
Yahoo Mail accounted for 15 percent of the haul with 40 million
accounts, Hotmail for 12 percent, with 33 million accounts, and
Gmail for 9 percent, with 24 million accounts.
It wasn't just email accounts that were targeted, according to the
report, thousands of account credentials belonging to employees of
some of the largest US banking, manufacturing and retail companies
were also compromised.
Holden stumbled on the discovery after he saw a Russian hacker
nicknamed "The Collector" bragging about the haul in an online
forum. He was asking for just 50 rubles (~S$1) for the lot, but
amazingly, Holden was given the trove for free after agreeing
to post favorable comments about the hacker online.
"This information is potent," Holden said. "It is floating around
in the underground and this person has shown he's willing to give
the data away to people who are nice to him. These credentials can
be abused multiple times."
Source: Reuters and Hold
Security
HWZ