The Connection, Inc Blog

The Connection, Inc has been serving the New Jersey area since 1992, providing IT Support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses.

This Hacker Stole 1.17 Billion Credentials. You Won’t Believe How Much He Sold it All For

This Hacker Stole 1.17 Billion Credentials. You Won’t Believe How Much He Sold it All For

In a bizarre reminder of why security best practices are so critical to the world of IT, it has been reported that one of the largest collections of hacked and stolen login details are currently making the rounds in the Russian black market.


According to Alex Holden, Hold Security’s founder and Chief Information Security Officer, the company was first alerted to the breach by the hacker himself, as he bragged in online chat forums that he had stolen over a billion credentials for email accounts from various providers.

These accounts were mostly for the Russian service Mail.ru, but accounts included in the theft have also been identified as belonging to Google, Yahoo, and Microsoft, as well as some Chinese and German email providers.

The story becomes odd when the hacker delivered his price for the staggeringly large data set:

50 rubles, or just about $0.75, for the entire stash.

Hold Security haggled, refusing to pay the strikingly small ransom. Instead, the hacker was convinced to release his holdings for “likes” on one of his social media outlets.

The data ultimately took the form of 1.17 billion records for the aforementioned mail servers, as well as username and password combinations for assorted U.S. banks, retailers, and manufacturers, presumably belonging to the employees of these institutions.

The account holders may not be off the hook, either. Holden stated that there was no guarantee that there wasn’t remnant data left over, especially after the hacker had shown himself willing to share with sympathetic people. As a result, further attacks could still be engineered from these accounts and each of their contact lists, increasing the risks of dangers considerably.

How You Can Stay Safe

  • Use separate, complex passwords: Many of the credentials examined since the breach proved to be repeats of others, as users repeated usernames and passwords across multiple websites. This is precisely the reason that best practices dictate users keep login credentials from repeating from account to account, as it only serves to make it easier for attackers to get in as well.
  • Change passwords frequently: As Holden mentioned, there is no guarantee that the information stolen wasn’t shared with other cybercriminals before Hold Security stepped in. This only emphasizes the importance of this next takeaway; that passwords should be changed with some frequency, avoiding any pattern or set schedule.

Not many hackers will be as amenable to the demands of security firms as this individual seemingly was. This is why it is so important to follow these best practices religiously; too often a data breach is out of the hands of the end-user.

For more assistance in maintaining your security and adhering to best practices, give us a call at (732) 291-5938. Our expertise can help you to avoid losing your information in the first place, allowing you to breathe easy in the knowledge that you have less to fear.

Tip of the Week: How to Keep a Facebook Friend Fro...
Pay-as-You-Go Cloud Computing Poised to Shake Up t...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Thursday, 21 November 2024

Captcha Image

Blog Archive

Mobile? Grab this Article

QR Code

Free Consultation

team work

Interested in seeing what we can do for your business? Contact us to see how we can help you!

Sign Up Today!

News & Updates

The Connection, Inc. Celebrates 32 Years as a Trusted Technology Provider!   Since our founding in 1992, technology and the way we operate and do business has changed a lot. Companies that have adapted and aligned themselves with ...

Contact us

Learn more about what The Connection, Inc can do for your business.

The Connection, Inc
51 Village CT
Hazlet, New Jersey 07730