Security firm claims hackers in Russia stole more than a billion usernames and passwords

” id=”attachment_516530″]hackers russia steal 1 billion usernames passwords security
A gang operating in Russia is reportedly in possession of a staggering 1.2 billion usernames and passwords in a massive hack involving more than 420,000 websites, including many operated by high-profile companies.

Online security firm Hold Security reported details of the hack on Tuesday, describing it as “the largest data breach known to date.”

In a report titled “You have been hacked,” Hold Security said the gang, which it dubbed CyberVor (‘vor’ means ‘thief’ in Russian), had initially acquired databases of credentials from other hackers operating on the black market.

“These databases were used to attack e-mail providers, social media, and other websites to distribute spam to victims and install malicious redirections on legitimate systems,” the firm said.

Related: Tips on how to pick a strong password

CyberVor later changed its approach, switching to botnet-based methods to build its collection of stolen data. According to the Milwaukee-based security firm, which has been researching the case for the last seven months, these botnets helped the gang to identify around 420,000 vulnerable websites.

“Whether you are a computer expert or a technophobe, as long as your data is somewhere on the World Wide Web, you may be affected by this breach,” the security firm warned, adding, “Your data has not necessarily been stolen from you directly. It could have been stolen from the service or goods providers to whom you entrust your personal information, from your employers, even from your friends and family.”


In its report, Hold Security touted a number of its own services as solutions for bolstering website security, securing data online, and discovering whether your data is in the gang’s possession. While its apparent eagerness to promote its services may cause some to raise an eyebrow over the veracity of its findings, the NY Times reported that an independent online security expert acting on its behalf had examined Hold Security’s research, including the stolen data, and confirmed it to be genuine.

The NY Times said that Hold Security declined to make public any of the affected companies, citing “nondisclosure agreements and a reluctance to name companies whose sites remained vulnerable,” adding that some of them had been told their records were among the stolen data.

The security firm has a track record for uncovering similar high-profile incidents, including the Adobe attack last year involving 38 million accounts. It also identified and tracked the Target security breach earlier this year which saw login and password information for around 360 million accounts posted online.

Following Hold Security’s latest findings, it could be time for you to embark on yet another laborious password-changing session. When trying to figure out a new one, you should keep these tips on how to create a rock-solid password in mind. Enabling two-step verification with online accounts offering the option would also be a wise move.


These are the worst passwords of 2018. Is yours on this list?

Do you use a bad password that makes your online accounts easy to break into? SplashData has compiled a list of the top 100 worst passwords for 2018 and there are quite a few listings that were carryovers from prior lists.
Smart Home

People are stealing Ring doorbells (and it’s no knock-knock joke)

Ring Video Doorbell thefts in a Denver neighborhood raise questions about how much security the smart home devices actually provide. One homeowner and the police have a video of the theft. Here's what to do if your Ring device is stolen.

Google+ continues to sink with a second massive data breach. Abandon ship now

Google+ was scheduled to shut its doors in August 2019, but the second security breach in only a few months has caused the company to move its plan forward a few months. It might be a good idea to delete your account sooner than later.

With 20,000 sites swallowed up, a botnet is eating WordPress alive

A botnet of infected WordPress sites has been attacking other WordPress sites, generating up to five million malicious logins on certain WordPress backends within the last thirty days.

Go hands-free in Windows 10 with speech-to-text support

Looking for the dictation, speech-to-text, and voice control options in Windows 10? Here's how to set up Speech Recognition in Windows 10 and use it to go hands-free in a variety of different tasks and applications within Windows.

Windows Update not working after October 2018 patch? Here’s how to fix it

Windows update not working? It's a more common problem than you might think. Fortunately, there are a few steps you can take to troubleshoot it and in this guide we'll break them down for you step by step.

Microsoft could split up search and Cortana in the next Windows 10 release

In the latest Insider preview build, Microsoft is exploring ways to split up Cortana and search on Windows 10. If Microsoft moves ahead with this change, we could see separate search and Cortana options in the Spring 2019 Update.

Mining cryptocurrency for Razer Silver isn’t worth your computing power

Gaming peripheral maker Razer launched a cryptocurrency mining scheme called SoftMiner. You use its software to mine and in return, you get Razer Silver which you can use to buy Razer gear.

Microsoft’s latest patent paves the way for Andromeda dual-screen mobile device

The latest patent discovery from Microsoft showcases a new hinge design for quickly opening a dual-screen mobile device with a single hand. Could this be additional proof surrounding the rumors of the company's Project Andromeda device?

Heal your wrist aches and pains with one of these top ergonomic mice

If you have a growing ache in your wrist, it might be worth considering changing up your mouse for something ergonomic. But which is the best ergonomic mouse for you? One of these could be the ticket to the right purchase for you.

Nvidia’s Jetson AGX Xavier module is designed to give robots better brains

Nvidia's pricey Jetson AGX Xavier might help drive the next generation of smart robots. Nvidia hopes that developers will use its new Xavier module to power AI-driven machines like delivery drones and robots used in manufacturing.

These Windows 10 keyboard shortcuts will update your OG Windows skills

Windows 10 has many new features, and they come flanked with useful new keyboard shortcuts. Check out some of the new Windows 10 keyboard shortcuts to improve your user experience and save more time!

Leaked AMD Ryzen 3000 mobile benchmarks look fit for thin, low-power laptops

AMD is poised to give Intel a run for its money in the ultra-low-power processor space for laptops. Leaked benchmarks for the Ryzen 3000 APU series show the AMD processor besting Intel's Core i7 Y series in multicore performance.

Apple is spending $1 billion to hire up to 15,000 new employees in Austin

Apple has announced a series of expansions across the U.S. -- including a massive expansion to the company's Austin campus that will see it spending $1 billion to accommodate for up to 15,000 new employees.