A Milwaukee firm Hold Security revealed that a group of Russian hackers are currently in possession of 1.2 billion web credentials (usernames and passwords) and more than 500 million email addresses stolen from 420,000 vulnerable websites.
Hackers in Russia have pilfered so many passwords and other critical personal data of people from the Internet. Over half a billion email domains and 1.2 billion identities and passwords were stolen by this nefarious posse of thugs.
An organization named Hold Security was responsible for uncovering this plot by the gang of hackers. The people and companies affected by this massive failure of safety standards were not divulged due to confidentiality issues.
However, the hacked data include confidential material stolen from 420,000 vulnerable websites, including household names, and small Internet sites.
But the fact remains that this disruption in security has actually occurred and it is not just a scare tactic. Many of the big firms had previous knowledge of the situation that their databases had been broken into.
At the request of The New York Times, "a security expert not affiliated with Hold Security analyzed the database of stolen credentials and confirmed it was authentic. Another computer crime expert who had reviewed the data, but was not allowed to discuss it publicly, said some big companies were aware that their records were among the stolen information."
The shrewd and perceptive hackers didn’t just make American companies their main line of attack. They purloined stuff from almost anywhere they could. And when you couple that with the fact that the majority of the sites were still open to hacking operations, you have the perfect scenario of great trouble on the horizon.
“Hackers did not just target U.S. companies, they targeted any website they could get, ranging from Fortune 500 companies to very small websites,” said Alex Holden, the founder and chief information security officer of Hold Security. “And most of these sites are still vulnerable.”
Many of the sites are being currently notified regarding the whole issue. This is so they could act in the nick of time. The window of opportunity for the hackers could cost them more than they had bargained for.
Concerns have been aired regarding the security issue online. It seems to be a never ending battle that the legitimate forces are beginning to get sick and tired of by now.
“Companies that rely on user names and passwords have to develop a sense of urgency about changing this,” said Avivah Litan, a security analyst at the research firm Gartner. “Until they do, criminals will just keep stockpiling people’s credentials.”
Last year, hackers stole vital info from the retail store Target and nothing could be done about it. A similar ID theft in Vietnam occurred recently too which shocked authorities who felt impotent at this out-and-out criminal behavior in cyberspace.
However, the latest Russian hackers beat all the rest of the incidents of theft hands down. They have prompted the authorities to seriously consider better and tougher security arrangements. Many sites within Russia had been broken into as well.
The crime gang may sell the info they have obtained on the black market which could fetch it a lot of money. The small coterie of hackers has been located but action has yet to be taken against its members.