Russian criminals have stolen 1.2 billion Internet user names and passwords, amassing what could be the largest collection of stolen digital credentials in history, a respected security firm said Tuesday.
The firm, Milwaukee-based Hold Security, didn't reveal the identities of the targeted websites, citing nondisclosure agreements and a desire to prevent existing vulnerabilities from being more widely exploited.
Hold Security founder Alex Holden told CNNMoney that the trove includes credentials gathered from over 420,000 websites -- both smaller sites as well as "household names." The criminals didn't breach any major email providers, he said.
A credential pair consists of a user name -- often an email address -- plus a password. There are roughly half a billion email addresses in the gang's collection, Hold Security says.
Holden said the gang makes its money by sending out spam for bogus products like weight-loss pills. That means that if you see strange messages being sent from your email or social media accounts, you might be among those affected.
"It's really not that impactful to the individuals, and that's why they were under the radar for so long," Holden said. "They've ignored financial information almost completely."
Take the quiz: Can you outsmart a hacker?
But Holden said the gang's success at amassing passwords demonstrates that weak security procedures are common on websites of all sizes.
visit here for full story
No comments :
Post a Comment