A young Russian hacker is believed to have obtained email account data from some of the leading email services, with his data totaling 272.3 million accounts. Most of the user accounts are from the email service Mail.ru, which is very popular in Russia. Smaller fractions of the accounts are from the global email services Yahoo, Google, and Microsoft.
The discovery came after researchers at Hold Security saw a post on an online forum in which a Russian hacker bragged about the amount of credentials he had in his possession and said he was willing to give them away. The credentials allegedly totaled 1.17 billion records.
The funny part about this hack is that the young hacker advertised the stash for only 50 rubles, which is just below $1, according to Alex Holden, the security researcher, founder and chief information security officer at Hold Security. He said that this was one of the biggest stashes of stolen usernames and passwords since the cyber-attacks on US banks two years ago. Holden did not even need to give the hacker the 50 rubles he wanted for the stash.
He has been a big asset in uncovering some of the biggest breaches in the world, including breaches that affected tens of millions of users at Adobe Systems, JPMorgan, and Target. He has managed to expose many companies to subsequent cybercrimes.
Holden and his team examined the data, and after removing duplicates they found that the data cache had nearly 57 million Mail.ru accounts, which is fairly big considering that there are 64 monthly active users of the Mail.ru service. The data cache also had tens of millions of login credentials for the world's leading email providers: Gmail, Microsoft, and Yahoo. Other German and Chinese email providers were also included in the data stash. According to the data they revealed, 42.5 million of the accounts in the data cache were new. This made it the largest that he had seen, though he indicated it was no reason to panic.
The database that was hacked does contain many email accounts, but that does not necessarily mean that the Google, Yahoo, Microsoft, and Mail.ru servers were attacked; rather, the data was taken from smaller and less secure websites where people log in using their email addresses. Those who use the same password on multiple accounts were advised to change their email passwords, because they are the people potentially affected. Holden also advised people to stop using the same password on all forums.
Mail.ru was informed about the potential data breach by the Russian hacker, and it responded with a statement saying it was checking whether any of the combinations in the stolen data stash matched any active users’ credentials.
“As soon as we have enough information we will warn the users who might have been affected,” Mail.ru said in the email, adding that Mail.ru’s first checks had not found any live combinations.
A Microsoft spokesman said the issue of stolen credentials was sadly a reality. He also mentioned that the company had security measures in place to counter and detect any account compromises and also relied on users to verify the account owner and help them gain access.
Yahoo and Google did not respond to requests for comment.