A Russian hacker breached 272.3 million account credentials from email services and other services, such as Gmail and Hotmail, and attempted to sell them for less than $1 each to Russia’s criminal underworld.
The breach is one of the largest to be uncovered since cyber-attacks hit major U.S. banks and retailers two years ago.
The anonymous hacker was advertising his pile of accounts on a dark web forum when researchers at Hold Security discovered him. Analysts began reaching out and asking for a dataset to verify. The hacker noted that he only wanted 50 rubles, which is less than $1.
His list included 57 million Mail.ru addresses (Russia’s most popular email service), 40 million Yahoo addresses, 33 million Hotmail addresses, and 24 million Gmail addresses. Additionally, there were thousands of email addresses from Germany and China.
“I am just getting rid of it, but I won’t do it for free,” the hacker wrote to the analysts. Ultimately, he settled for giving the data up in exchange for social media likes and votes on his page at VKontakte, a social network alternative to Facebook in Russia.
This information is floating around the underground, and the hacker has shown that he will reveal the data to those who comply. A large-scale breach like this can be used to engineer further break-ins or phishing attacks by reaching the contacts tied to each compromised account, thus increasing the risk for financial theft or reputational damage.
Whether or not your email account was affected by the breach, it may be time to change your password to something stronger and enable two-factor authentication that will make it impossible for anyone to steal your account with just your log-in information.
Source: Tech Insider
Advertisement
Learn more about Electronic Products Magazine
