Hacker gang amasses 'largest ever' database
Fewer than a dozen hackers in their 20s amassed the data which
includes passwords, emails and usernames - but no financial data
A group of Russian hackers have amassed the largest ever cache of
stolen internet credentials, reportedly accumulating more than 1.2
billion user name and password combinations and more than 500 million
email addresses.
News of the group's efforts comes from US firm Hold Security, who
were previously responsible for uncovering the Adobe Systems hack of
some 38 million accounts last year.
Hold Security said the hackers, based in a small city in
south-central Russia, took information from more than 420,000 websites.
"Hackers did not just target U.S. companies, they targeted any
website they could get, ranging from Fortune 500 companies to very small
websites," Alex Holden, the founder and Hold Security told the New York
Times.
"And most of these sites are still vulnerable."
The US firm has not disclosed the identity of any of the targets, but
say that the Russian gang used an infected botnet to conduct "possibly
the largest security audit ever", probing hundreds of thousands of
websites looking for weaknesses.
Although the stolen information does not include financial data such
as credit card numbers, the sheer size and scope of the cache has been
described as a threat to both consumers and companies.
The Times reports that so far little of the stolen data yet been put
to use, and that those logins that have been exploited are mainly being
used to send spam messages on social networks like Twitter.
Hold Security uncovered the existence of the stolen data after a 7
month investigation, identifying fewer than a dozen men in their 20s who
make up the gang. The men know one another socially and reportedly
divide their work "like a small company".
Holden said his firm had begun alerting affected companies but warned
that many of the sites involved were still vulnerable. Experts have
cautioned that although no financial data was stolen, the online
credentials taken by the gang could be just as damaging in terms of
identity theft.
- The Independent
|