A security expert has confirmed to Reuters that around 272.3 million email accounts belonging to renowned Russian email service Mail.ru and other websites like Google, Yahoo, and Microsoft, have been compromised.
The hacked data includes usernames and passwords of the stolen email accounts as reported by Alex Holden, the founder and chief information security officer of Hold Security.
Holden is acclaimed for his earlier revelations about the world's biggest known data breaches that affected several million users of Target, Adobe Systems and JP Morgan while rendering them vulnerable to cyber attacks further.
The Hold Security researchers purportedly found a young Russian hacker bragging about his massive collection of 1.17 billion records comprising the stolen credentials, in an online forum. Holden has clarified that he found nearly 57 million Mail.ru accounts after filtering out the duplicate entries.
Quite surprisingly, the hacker was reportedly content selling the data for less than $1, but he later gave it up for free after Hold researchers offered to post positive feedback about him in the forums.
Holden clarified that his company policy refuses to pay for stolen data as it could be used for an unethical purpose such as break-ins or phishing attacks, besides compromising financial information or leading to reputation damage across the web.
The break-up for the compromised credentials across Yahoo, Microsoft and Gmail were listed as follows:
- 40 million Yahoo Mail accounts (15% of the 272 million credentials)
- 33 million Hotmail accounts (12% of the stolen credentials)
- 24 million Gmail accounts (9% of the stolen data)
The security company had started informing affected organisations about the possible data theft and the means to recover the same at no expense.
Last Updated 31, Mar 2018, 6:51 PM IST