
Are your username and password available to hackers? 1.2bn credentials uncovered in grand heist

A Russian criminal gang has pulled off the biggest online data heist ever, lifting 1.2 billion usernames and passwords belonging to more than 500 million email addresses. This is the largest cache of stolen data ever found.

The nameless gang has been dubbed "CyberVor", after the Russian word "vor", meaning "thief", by Hold Security, the company responsible for discovering their nefarious doings.

The CyberVor gang amassed a huge database of over 4.5 billion records, mostly consisting of stolen credentials. 1.2 billion of these credentials appear to be unique, complete pairs of usernames and passwords belonging to over half a billion e-mail addresses around the world. To get such a huge hoard of personal details, the CyberVor gang robbed over 420,000 web and FTP sites.

The gang initially acquired databases of stolen credentials from others in the hacking community. These databases were then used to attack e-mail providers, social media, and other websites to distribute spam to victims and install malicious redirections on legitimate systems.

The advice to companies is to check whether your website is susceptible to SQL injection. It's hard to spot and might not even be on your main site – a weakness in one of your auxiliary sites can be just as devastating.

For individuals, Hold Security announced that it will be providing a full electronic identity monitoring service to all individuals within the next 60 days. Interested users should pre-register for the service. The company is also readying a tool that allows users to check whether their passwords have been included in the grand haul of credentials.

The firm initially posted a message on its site saying it would charge $120 (£71) a month for the "breach notification service", although that message has since been removed, and it's unclear whether any charge is planned.

"This is the Internet Arms Race well and truly on," said Toyin Adelakun, VP at Sestus security firm.

"The ever-growing sophistication of these attacks suggests the attackers have greater resources at their disposal - and there will always be speculation as to the degree of state backing. Cross-jurisdictional law enforcement cooperation may help amongst allies, but with Russia and the West seeming to diverge on other major points of policy, cooperation on cybersecurity matters is unlikely to bear any short-term fruit."

Russia has been cracking down on Western technology companies' stranglehold over IT services in Russia. Russia's state Duma – the lower house of its federal legislature – is currently drafting a bill that orders Russian government agencies, state-owned businesses, and businesses in which the state has a partial stake to give domestic firms "preference" over foreign computer software and hardware from the US, Europe, or Asia.