Forgot password
Enter the email address you used when you joined and we'll send you instructions to reset your password.
If you used Apple or Google to create your account, this process will create a password for your existing account.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Reset password instructions sent. If you have an account with us, you will receive an email within a few minutes.
Something went wrong. Try again or contact support if the problem persists.
Escapist logo header image

Russian Hackers Have Stolen Over A Billion Internet Passwords

This article is over 10 years old and may contain outdated information
Binary graphic

The security firm who discovered the breach has chosen not to name the victims, due to nondisclosure agreements and companies whose sites remain vulnerable.

The New York Times reported yesterday that a Russian crime ring had amassed the largest collection of stolen digital information- including 1.2 billion username and password combinations and more than 500 million email addresses. Hold Security, a firm in Milwaukee that discovered the breach, said that the confidential material had been gathered from 420,000 websites. Those domains range from household names to small internet sites.

“Hackers did not just target U.S. companies, they targeted any website they could get, ranging from Fortune 500 companies to very small websites,” said Alex Holden, founder and chief information security officer of Hold Security. “And most of these sites are still vulnerable.”

Holden noted that because Russian websites had also fallen victim to the attack, he felt there was no connection between the hackers and the Russian government. He also said he intended to notify the local law enforcement of the attack- despite that the Russian government has generally neglected to pursue accused hackers in the past.

The hacking ring is based in a small city in south central Russia. They began as amateur spammers in 2011- buying stolen databases of personal information from the black market. Using botnets (networks of computers infected with a computer virus), they were able to capture credentials on a large scale. The group includes fewer than a dozen men in their 20’s who know one another personally as well as virtually, and their servers are also thought to be in Russia.

There is growing concern among the security community that preventing personal information theft is becoming a losing battle. Last December, 40 million credit card numbers and 70 million addresses, phone numbers and other bits of personal information were stolen from Target by hackers in eastern Europe. Just last month, the European Central Bank was breached by hackers and the personal data of their customers was held for ransom.

Let us know your thoughts by commenting below.

Source: The New York Times

Recommended Videos

The Escapist is supported by our audience. When you purchase through links on our site, we may earn a small affiliate commission. Learn more about our Affiliate Policy