Skip to main content
  1. Home
  2. Computing
  3. News

A Russian hacker has 272 million stolen Gmail, Yahoo, and Hotmail passwords

Julian Chokkattu
By

gmail early phishing detection inbox
Image used with permission by copyright holder
It may be time to update the password for your email. Usernames and passwords for more than 250 million stolen Yahoo Mail, Gmail, Hotmail, and other accounts are being swapped around in Russia’s criminal underworld, according to Reuters.

These stolen accounts were discovered by Hold Security, where researchers found a Russian hacker, dubbed as “the Collector,” bragging that he was ready to “give away” these credentials, which totaled 1.17 billion records. The security company eliminated duplicates, and found the total number of compromised accounts to be 272.3 million.

Recommended Videos

The largest amount of compromised credentials, 57 million, belong to Mail.ru users, which is Russia’s most popular email service. The email service has 64 million monthly active users, which means the breach affects most of the company’s userbase.

The rest break down to other popular email clients including Yahoo Mail, which reportedly has 40 million emails compromised; Microsoft Hotmail, with 33 million; and Gmail, with 24 million stolen credentials. Other credentials from email providers in Germany and China are also affected. It’s not clear if any of these accounts have actually been breached.

Many of the emails link to employees of some of the largest U.S. banking, manufacturing, and retail companies. Hold Security has been informing affected companies and organizations.

“This information is potent,” Alex Holden, founder and chief information security officer at Hold Security, told Reuters. “It is floating around in the underground and this person has shown he’s willing to give the data away to people who are nice to him. These credentials can be abused multiple times.”

The Russian hacker allegedly asked for 50 rubles, less than $1, for the data. But the security company received a copy after it agreed to post positive comments about the Russian in various hacker forums. The company didn’t pay for the stolen data, as it went against company policy.

“We are now checking whether any combinations of usernames/passwords match users’ e-mails and are still active,” a Mail.ru spokesperson told Reuters. “As soon as we have enough information, we will warn the users who might have been affected.”

The Russian email provider’s initial checks found no live combinations of user names and passwords that match existing emails.

Google moves quickly to rectify compromised accounts it detects, but cannot speak to specific incidents, according to the search giant. These “credential dumps,” like the one Google discovered in 2014, are an unfortunate reality.

“It’s important to note that in this case and in others, the leaked usernames and passwords were not the result of a breach of Google systems,” the company said in the 2014 blog post. “Often, these credentials are obtained through a combination of other sources. For instance, if you reuse the same username and password across websites, and one of those websites gets hacked, your credentials could be used to log into the others. Or attackers can use malware or phishing schemes to capture login credentials.”

These password dumps are a good reminder to set up a recovery phone number so the Mountain View company can quickly contact users in worst-case scenarios, according to Google.

A Microsoft spokesperson told Reuters that the company has security measures in place to detect compromised accounts, and requires additional information to verify the account owner.

Google told Digital Trends the company did not have a comment on the specific incident at the moment, and Microsoft and Yahoo have yet to respond. We will update this post when we hear back.

Editors' Recommendations

Topics
Julian Chokkattu
Julian Chokkattu
Former Digital Trends Contributor
Julian is the mobile and wearables editor at Digital Trends, covering smartphones, fitness trackers, smartwatches, and more…
Get up to $900 off the Dell XPS 15 and Dell XPS 17 today
A Dell XPS 15 laptop on an office desk next to a monitor.

It’s all change at Dell this year with the Dell XPS 16 replacing the Dell XPS 17 and the Dell XPS 15 gradually seeing fewer updates. That means if you’re still keen to snag a Dell XPS 15 or 17, your chance to do so is running out. That’s why it’s great to see some excellent laptop deals for both models with up to $900 to be saved at the moment. If you’re looking for a new laptop, read on while we guide you through what each laptop has to offer.
Dell XPS 17 -- $1,949, was $2,849

The Dell XPS 17 remains a good option for anyone seeking a powerful laptop that works well as a desktop replacement. It has a 13th-generation Intel Core i7-13700H processor with a massive 32GB of memory so it’s ideal for all kinds of productivity-based tasks such as if you need to manage many spreadsheets at once or if you just prefer to have a lot of windows open at once. It also has 1TB of SSD storage while it can handle plenty of gaming too thanks to its Nvidia GeForce RTX 4070 graphics card. Its display is a 17-inch full HD+ model with 1920 x 1200 resolution, anti-glare properties, and 500 nits of brightness so it looks great. Other quality of life improvements include plenty of USB-C ports, up to 14 hours of battery life, a great cooling system, and a form factor that means it squeezes a 17-inch display into a 15-inch form size. It also has a large edge-to-edge backlit keyboard, comfortable touchpad, and large keycaps so it feels good to work on as you’d expect from the makers of some of the best laptops.

Read more
This Dell gaming laptop with an RTX 3050 is discounted to $700
Dell G15 gaming laptop on a table.

You don't need to spend thousands of dollars to be able to get a decent gaming laptop, as there are budget-friendly options like the Dell G15 with the Nvidia GeForce RTX 3050 graphics card. It's currently even cheaper at just $700, following a $200 discount on its original price of $900. We're not sure how much time is remaining on this offer though, so if you think this is the perfect gaming laptop for you, stop hesitating and proceed with the purchase immediately to make sure that you don't miss out on the savings.

Why you should buy the Dell G15 gaming laptop
The Dell G15 is highlighted in our list of the best gaming laptops as the best budget gaming laptop under $1,000, as it provides dependable performance while staying affordable for most gamers. It's equipped with the Nvidia GeForce RTX 3050 graphics card, which is perfect for budget gaming, and pairs it with the 13th-generation Intel Core i5 processor and 8GB of RAM. These specifications are more than enough to be able to play the best PC games, though you may have to dial down the settings for the more demanding titles.

Read more
Intel’s big bet on efficient GPUs might actually work
An Intel Meteor Lake processor socketed in a motherboard.

Intel has a lot riding on its next-gen Battlemage graphics architecture, and a very early benchmark shows some promising signs for performance. An Intel Lunar Lake CPU packing a low-power integrated Battlemage GPU was reportedly spotted in the SiSoftware benchmark database. It boasts not only higher performance than Intel's Meteor Lake chips, but also much better efficiency.

User @miktdt on X (formerly Twitter) spotted the result, which appears to come from an early qualification sample of the HP Spectre x360 14. The benchmark picked up that the laptop was using a Lunar Lake CPU, which is said to come with the Xe2-LPG architecture, a lower-power version of Battlemage.

Read more