Hundreds of millions of email usernames and passwords are ‘up for grabs’ in Russia’s criminal underworld, according to a security expert.
Speaking exclusively to Reuters, Alex Holden, founder and chief information and security officer of Hold Security, revealed that 272 million people are at risk.
While the majority of affected users have accounts with Mail.ru, the most popular email service provider in Russia, the data breach also affects Google, Microsoft and Yahoo customers.
Hold Security was alerted to this when it came across a “young Russian hacker” gloating on an online forum that he has amassed a collection of stolen credentials amounting to an astonishing 1.17 billion.
“This information is potent,” Mr. Holden told the online news provider. “It is floating around in the underground and this person has shown he’s willing to give the data away to people who are nice to him.”
He added that what makes these details so appealing to individuals is that they can be used “multiple times”.
In an official company blog, Hold Security revealed that through their investigation, they made some fascinating findings.
“When we peel back the layers and dig deeper, we find that the hacker is holding something back from us,” the post states.
“Within several days of communication and after a couple more strategically timed votes on his social media pages, he shared more useful information.
“At the end, this kid from a small town in Russia collected an incredible 1.17 billion stolen credentials from numerous breaches that we are still working on identifying.”
It is still not clear how the unknown youngster, referred to as ‘The Collector’, managed to collect such a substantial amount of data.
by Narinder Purba, ESET We Live Security