I haven't seen this mentioned - does anyone have any further info??
A Russian group has hacked 1.2 billion usernames and passwords belonging to more than 500 million email addresses, according to Hold Security - a US firm specialising in discovering breaches.
Hold Security described the hack as the "largest data breach known to date".
It claimed the stolen information came from more than 420,000 websites, including "many leaders in virtually all industries across the world".
Hold Security did not give details of the companies affected by the hack.
"They didn't just target large companies; instead, they targeted every site that their victims visited," Hold Security said in its report.
"With hundreds of thousands of sites affected, the list includes many leaders in virtually all industries across the world, as well as a multitude of small or even personal websites."
These databases were used to attack e-mail providers, social media, and other websites to distribute spam to victims and install malicious redirections on legitimate systems”
Hold Security
The New York Times, which first reported the findings, said that on its request "a security expert not affiliated with Hold Security analysed the database of stolen credentials and confirmed it was authentic".
"Another computer crime expert who had reviewed the data, but was not allowed to discuss it publicly, said some big companies were aware that their records were among the stolen information," the paper said.
The paper added: "Hold Security would not name the victims, citing nondisclosure agreements and a reluctance to name companies whose sites remained vulnerable."
less than 50%
[
link to www.bbc.com]
United States
