A RUSSIAN CRIME RING has got its hands on 1.2 billion internet user credentials, the biggest known collection of stolen usernames and passwords yet, which were procured in a series of internet heists affecting 420,000 websites, a security report has claimed.
The pilfering was uncovered by Milwaukee security firm Hold Security, which specialises in exposing security breaches.
The report establishes that the hackers, who are said to be based in south central Russia, grabbed 4.5 billion username and password combinations, although reportedly many were duplicates, with 542 million said to be unique email addresses.
Hold Security is not naming the victims of the thefts, which included Fortune 500 organisations, citing non-disclosure agreements.
Hold Security chief information security officer Alex Holden told the New York Times that the hacked websites ranged from household names to small businesses located all over the world. He refused to reveal the names of the raided websites but said that many of the big businesses in the list were found to be vulnerable to SQL injection attacks.
Holden said that the thieves "audited the internet", and that many of the affected sites are still vulnerable.
Malwarebytes intelligence analyst Chris Boyd called the theft of the credentials a "disaster of the worst kind", but pointed out that we are yet to see any hard details on the various breaches as no companies have come forward and admitted to having been affected.
"With zero information out there to go on, all we can say is to change your logins if you feel you must, but don't do it out of any sense of panic or impending doom," he said. "If this attack really is this wide reaching, then surely some of this information will come out in the wash eventually - with 1.2 billion passwords supposedly taken, it would be impossible for it not to."
In February, Hold Security also discovered 360 million compromised login credentials for sale in underground crime forums. These included an additional 1.25 billion records containing only e-mail addresses and also came from multiple security breaches. µ
Sign up for INQbot – a weekly roundup of the best from the INQ