In a bizarre reminder of why security best practices are so critical to the world of IT, it has been reported that one of the largest collections of hacked and stolen login details are currently making the rounds in the Russian black market.
According to Alex Holden, Hold Security’s founder and Chief Information Security Officer, the company was first alerted to the breach by the hacker himself, as he bragged in online chat forums that he had stolen over a billion credentials for email accounts from various providers.
These accounts were mostly for the Russian service Mail.ru, but accounts included in the theft have also been identified as belonging to Google, Yahoo, and Microsoft, as well as some Chinese and German email providers.
The story becomes odd when the hacker delivered his price for the staggeringly large data set:
50 rubles, or just about $0.75, for the entire stash.
Hold Security haggled, refusing to pay the strikingly small ransom. Instead, the hacker was convinced to release his holdings for “likes” on one of his social media outlets.
The data ultimately took the form of 1.17 billion records for the aforementioned mail servers, as well as username and password combinations for assorted U.S. banks, retailers, and manufacturers, presumably belonging to the employees of these institutions.
The account holders may not be off the hook, either. Holden stated that there was no guarantee that there wasn’t remnant data left over, especially after the hacker had shown himself willing to share with sympathetic people. As a result, further attacks could still be engineered from these accounts and each of their contact lists, increasing the risks of dangers considerably.
How You Can Stay Safe
Not many hackers will be as amenable to the demands of security firms as this individual seemingly was. This is why it is so important to follow these best practices religiously; too often a data breach is out of the hands of the end-user.
For more assistance in maintaining your security and adhering to best practices, give us a call at (732) 291-5938. Our expertise can help you to avoid losing your information in the first place, allowing you to breathe easy in the knowledge that you have less to fear.
Comments