Wednesday, August 6, 2014
Russian gang stole 1.2 billion passwords
LAS VEGAS -- Security researchers say a Russian crime ring has pulled off the largest known theft of confidential Internet information including 1.2 billion username and password combinations and more than 500 million email addresses.
The cyber gang injected malicious code to steal databases from at least 420,000 websites, says Alex Holden, founder and chief information security officer for Hold Security in Milwaukee, Wisc.
"It is absolutely the largest breach we've ever encountered," Holden said Tuesday.
Most unsettling, he said, was finding his own credentials among the compromised data.
Hold Security cyber sleuths have been monitoring the cyber gang for about seven months, but only recently realized the magnitude of the gang's operation, Holden said.
"We thought at first they were run-of-the-mill spammers," he said. "But they got very good at stealing these databases."