Russian Hackers Caught With 1 Billion+ Stolen Passwords

August 7, 2014 in Cybersecurity News
Russian hackers

Seems like just about everyone thought that the massive Target data breach earlier this year would be the biggest for a while. Yet only a matter of weeks later, eBay announced a data breach that was even bigger.

Now we’re learning of a hacker haul that makes those earlier breaches look like chump change. Security researchers in Milwaukee revealed that they’ve been monitoring a hacking gang operating from a small Russian town, and found the gang had managed to amass a database of more than 1.5 billion stolen credentials.

Here’s just a sample of what the investigators learned about the hackers, and the implications of their haul:

  • The gang appears to be nothing more than a handful of young friends who started their endeavor as a spamming business but may have stumbled upon bigger opportunities.
  • Much of the information was stolen by using a botnet, a large network of compromised computers that were then used to identify websites with vulnerabilities that could be exploited.
  • Over the last couple of years, the small gang amassed a collection of more than 4 billion stolen personal records, including usernames, passwords, and email addresses.
  • After some analysis, that collection of 4 billion records was reduced to around 1.5 billion unique records, and because many users have multiple accounts, boiled it down even further to about half a billion unique email addresses.

This is No Target Breach

This is way worse. Target was a determined and slightly lucky attack on just one company. The information in the Russian hack is believed to have been stolen from close to half a million websites, ranging from Fortune 500 firms to tiny businesses.

According to researchers, most of those websites coughed up valuable information because they had vulnerabilities that had not been spotted and patched in time. But worse than that, the researchers are refusing to identify the websites involved because, they claim, most of the sites are still unpatched and vulnerable.

And while the Target breach consisted mainly of credit and debit card numbers that could easily be cancelled and replaced, it’s not so easy to change an email address you might have been using for years. And those stolen email addresses have probably been widely used for everything from spamming to phishing.

How Should You Respond to this Discovery?

  • Use this as a wake-up call. Make sure your website is secure, patched, and regularly scanned for security vulnerabilities.
  • Change all your important passwords, and encourage your employees to do the same.
  • Stop using the same password on more than one site. Most users fall into this convenience trap, which can give hackers even more accounts to break into.
  • Be on the alert for phishing emails that try to use your email address and this story to trick you into some kind of scam.
  • Protect all your computers so they’re not vulnerable to hijacking by hackers and enlisted into a botnet.

Contact SiteLock today to learn how website security completes the security puzzle and helps prevent the spread of malware and botnets.

Google Author: Neal O’Farrell

Latest Articles
Follow SiteLock