According to new reports, more than 270 million hacked email credentials are being traded by Russian hackers.
(CCM) — A new report from Reuters details how security firm Hold Security has recovered the stolen credentials from a collector. The security firm, led by Founder and Chief Information Security Officer Alex Holden, discovered 272.3 million stolen Mail.ru, Google, Yahoo, and Microsoft email credentials. The majority of these login credentials were from Russia's most popular email service, Mail.ru. A team from Hold Security was offered a file of 1.17 billion email user records by a young Russian hacker who boasted about his collection. The hacker was giving away this information for under $1, but the team convinced the hacker to hand over the information in exchange for its posting of positive comments about the hacker online. The team analyzed this data, removed duplicates, and found that it contained more than 270 million unique records, nearly 57 million of which were Mail.ru accounts. "This information is potent. It is floating around in the underground and this person has shown he's willing to give the data away to people who are nice to him," said Holden. "These credentials can be abused multiple times."
While this may sound like a reason to panic, reports indicate that the stolen credentials are likely compiled from older hacks. In a statement to Motherboard, Hold Security's Alex Holden said, "It seems to be a collection of different breaches." In a separate statement, Mail.ru said that it will warn affected users, but claims that its initial checks have revealed no live combinations of usernames and passwords.
Photo: © frank_peters - Shutterstock.com