A huge data breach has made more than 272 million e-mail accounts vulnerable. A Russian hacker has stolen passwords and usernames belonging to accounts from Russia’s largest e-mail provider, Mail.Ru, as well as from Gmail, Yahoo Mail and Microsoft’s Hotmail.
The hacker traded the information to a cybersecurity company in exchange for praise on a social media platform for hackers. But the situation might not be as dire as originally feared.
While the cache of personal information contains a tremendous amount of date, later reports about the breach indicate that the data might actually be from a series of older hacks, meaning the information has already been disseminated and is probably not valuable. It appears that the credentials had already been circulating among Russian digital crime rings.
Not Worth Much
Reuters reported yesterday that the stolen login data was first uncovered during an investigation by cybersecurity firm Hold Security. But a subsequent report from the Motherboard Web site said that Mail.ru checked some of the data and found that none of those e-mail and password combinations even worked.
Once the dust settled, it became apparent that the hacker was attempting to inflate the number of credentials he or she had. Hold Security said that the hacker offered the firm a tranche of 1.17 billion credentials, but as it turned out, only 272 million were unique — and only 42 million were credentials that Hold Security had never encountered before.
Hold Security reported that almost none of the passwords were encrypted, and that the hacker was offering the data for only about $ 1 — along with the notoriety that might come with uncovering the data. The company said the terms of the offer made it apparent that the credentials were gathered from older data breaches and meant to be sold cheaply to lower-level hackers and spammers.
Vigilance Still Key
According to the report from Reuters, about 40 million of the credentials came from Yahoo Mail, 33 million were from Microsoft’s Hotmail, roughly 24 million from Gmail, and almost 57 million were from Mail.ru. Thousands of additional credentials came from employee e-mail accounts at large U.S. banking, manufacturing and retail companies, while hundreds of thousands more came from accounts at German and Chinese e-mail providers, according to the report.
Even though the hacker all but gave the data away in exchange for exposure among fellow hackers, that doesn’t mean the breach had no value. Lane Thames, security researcher at Tripwire, told us the episode should serve as a reminder that with so much personal information floating around on the Web, malicious actors often have enough data to steal identities and account information.
“This big leak of e-mail logins and passwords looks like it might be an attempt to scam the scammers,” said Thames. “Some are claiming that the data is mostly useless, and with all of the caches of stolen credentials hiding in the Internet undergrounds, it would not surprise me to see scammers attempting to sell useless data. Regardless, we have to remain vigilant in today’s highly digital world.”
