1.2 Billion User Names and Passwords Stolen in Massive Hack, Security Firm Says

Photo (cc) by elhombredenegro

Russian hackers have collected 1.2 billion user name and password combinations and 500 million email addresses, according to a security firm.

The massive hack was discovered by Milwaukee-based Hold Security LLC after seven months of research, Bloomberg said. Hold Security said in a news release that the Russian cyber gang responsible for this is now in possession of the largest known cache of stolen data.

More than 420,000 Web and FTP sites were likely targets, the private security firm said. The hacking scheme targeted websites of all sizes, including personal websites.

According to The New York Times:

“Hackers did not just target U.S. companies, they targeted any website they could get, ranging from Fortune 500 companies to very small websites,” said Alex Holden, the founder and chief information security officer of Hold Security. “And most of these sites are still vulnerable.”

Hold Security said it will not name victims of the breach because of that vulnerability.

So what are the Russian hackers doing with the stolen information? According to Time:

As of now, the criminals have not sold many of the records online, and instead are giving the information to third parties to send spam on social networks like Twitter. They’re then collecting fees for their work. So far, it doesn’t appear to be a complete disaster for Internet users, but it leaves a lot of people very vulnerable.

The sheer size of this hack has brought standards of identity protection on the Web into question, the New York Times said.

“Companies that rely on user names and passwords have to develop a sense of urgency about changing this,” said Avivah Litan, a security analyst at the research firm Gartner. “Until they do, criminals will just keep stockpiling people’s credentials.”

Though you likely won’t find out if your user names and passwords were stolen in this breach, it’s still a good idea to take steps to protect yourself, Time said.

It’s probably a good idea to change your password now. And if you use the same passwords for multiple websites — don’t. Reusing passwords is not a good idea because it makes it that much easier for hackers to get into many of your accounts and access key information like your credit card data. Security experts recommend regularly changing your passwords anyway.

What do you think about the latest cybersecurity breach? What do you do to protect your Internet credentials? Share your thoughts below or on our Facebook page.

Disclosure: The information you read here is always objective. However, we sometimes receive compensation when you click links within our stories.

Most Popular
New Retirement Bill Would Help Savers of All Ages
New Retirement Bill Would Help Savers of All Ages

With bipartisan support, this bill could help millions of workers and retirees boost or conserve their retirement savings.

If You Find This Thrift Shopping, Buy It
If You Find This Thrift Shopping, Buy It

This iconic dinnerware is prized for everyday use as well as reselling for profit.

3 Colors That Can Ruin Your Car’s Resale Value
3 Colors That Can Ruin Your Car’s Resale Value

Select the wrong color for your next car, and it could depreciate twice as fast as others.

What Inflation Means for Social Security Checks in 2022
What Inflation Means for Social Security Checks in 2022

Recent inflation figures were ugly. Here’s what they hint about the next Social Security benefits adjustment.

20 Things That Are Actually Worth Stockpiling
20 Things That Are Actually Worth Stockpiling

You don’t need a year’s supply of toilet paper to survive an outbreak, but consider stocking up on these items.

9 of the Best Things to Do When You Retire
9 of the Best Things to Do When You Retire

You’ve waited all your life for this moment. Make the most of your retirement.

View More Articles

View this page without ads

Help us produce more money-saving articles and videos by subscribing to a membership.

Get Started

Add a Comment

Our Policy: We welcome relevant and respectful comments in order to foster healthy and informative discussions. All other comments may be removed. Comments with links are automatically held for moderation.