Russian Hackers Stole Over 272 Million Email Accounts From Mail.ru, Gmail, Microsoft, Yahoo And More


According to a recent report, Russian hackers have stolen login credentials for over 272 million email accounts from various domains. While most of these email accounts are from Russia’s most popular email service, Mail.ru, the hackers have also stolen email credentials from other popular email services like Gmail, Microsoft, Yahoo, and more.

Reuters reports that these stolen email accounts are now available for sale in Russia’s criminal underworld. The discovery comes from a security firm called Hold Security, which claims that this is one of the biggest stashes of stolen credentials to be discovered since the cyber-attacks that hit U.S. banks and retailers in 2014.

The researchers at Hold Security found out about this when a young Russian hacker was bragging on a hacker forum. This young hacker was planning to give away a far larger number of stolen credentials, which ended up totaling 1.17 billion records, to make a name for himself. The security firm did not try to identify this hacker, as they believe it could affect their investigation. This hacker collected the data from many sources, and the researchers have dubbed him “The Collector”.

When Hold Security researchers contacted him, this mysterious hacker asked for about 50 rubles, or less than $1, for the entire trove. He later gave all the records free of charge in exchange for favorable comments about him in hacker forums. According to Alex Holden, founder and chief information security officer at Hold Security, his company has a policy of not paying for stolen data. Holden was also instrumental in uncovering some of the largest known data breaches in previous years, including the attacks that affected tens of millions of users of JP Morgan, Target, and Adobe Systems.

Holden says that after filtering duplicate records, his firm found 57 million Mail.ru email credentials, which is a huge number when compared to the 64 million monthly users the service said it had late last year. In addition to the Mail.ru accounts, the database also includes tens of millions of credentials including 24 million Gmail accounts, 33 million Microsoft accounts, 40 million Yahoo accounts, and hundreds of thousands of accounts from German and Chinese email providers.

Yahoo Mail credentials numbered 40 million, or 15 percent of the 272 million unique IDs discovered. Meanwhile, 33 million, or 12 percent, were Microsoft Hotmail accounts and 9 percent, or nearly 24 million, were Gmail, according to Holden.

Holden also said that thousands of these stolen credentials belong to employees of some of the largest U.S. banks, manufacturing and retail companies.

This information is potent. It is floating around in the underground and this person has shown he’s willing to give the data away to people who are nice to him. These credentials can be abused multiple times.

– Alex Holden, founder and chief information security officer at Hold Security

Hackers usually find data like these quite useful, as people tend to favor certain passwords and reuse them across various online services. Therefore, hackers use passwords they found on one account to try to break into other accounts of the same user.

Ten days ago, Hold Security contacted all the affected organizations and service providers with the data. The firm says its policy is to return data it recovers at little or no cost to the firms that were breached.

This is stolen data, which is not ours to sell.

– Alex Holden, founder and chief information security officer at Hold Security

Reuters has contacted many of these organizations for a statement. In an email, Mail.ru said that the company is currently checking whether any of the affected email accounts are active and will warn the affected users. The company also adds that it has not found any live combinations of user names and passwords that match existing emails.

We are now checking, whether any combinations of usernames/passwords match users’ e-mails and are still active.

As soon as we have enough information we will warn the users who might have been affected.

– Mail.ru in an email

Similarly, a Microsoft spokesperson made the following statement to Reuters:

Microsoft has security measures in place to detect account compromise and requires additional information to verify the account owner and help them regain sole access.

– a Microsoft Spokesperson

So far, Reuters could not get any statement from Yahoo and Google, but we believe these companies are doing their best to address the issue.

With all that said, Hold Security and its researchers have still not found the identity of the hacker and are still in the dark about how he obtained all this data.

Source

Edward Ramamoorthy


You are free to copy and redistribute this article in any medium or format, as long as you keep the links in the article or provide a link back to this page.
