Posted in Security News/Computer thread, but I think it needs a wider audience...
Russian Hackers Have 270 Million Email Logins, Including Gmail and Yahoo Accounts
Jamie Condliffe
Today 3:37am
It may be a good time to update your email password. A report from Reuters suggests that over 270 million hacked email credentials—including those from Gmail, Hotmail and Yahoo—are circulating among Russian digital crime rings.
Reuters reports that an investigation by Hold Security revealed the huge stash of login details, that are said to be being traded among criminals. Most of the credentials relate to the Russian email service Mail.ru, but the team has also identified details from Google, Yahoo and Microsoft.
The team from Hold Security was offered a tranche of 1.17 billion email user records in an online forum, and asked to pay just $1 for a copy of the data. The team refuses to pay for stolen data, but was given the information anyway when it offered to post positive comments about the hacker online.
The team has since sifted through the data set to remove duplicates, revealing that it contains 270 million unique records. Alex Holden, the founder of Hold Security, told Reuters that the data was “potent,” adding that the “credentials can be abused multiple times.”
Hold Security has apparently alerted all of the affected email providers. Mail.ru, Google, Yahoo and Microsoft are all now investigating the situation.
It may be that the stash is out of date and doesn’t present too much of a security threat—though, of course, it could be a new pool of data, in which case the accounts included in the tranche could be at risk. Initial reports to the BBC from Mail.ru suggest that there may also be a lot of repetition in the records, with usernames repeated with multiple passwords.
It may be a good time to refresh your password anyway.
[Reuters]
Russian Hackers Have 270 Million Email Logins, Including Gmail and Yahoo Accounts