The Internet is not a safe haven as it once was, with many online attacks happening on an almost daily basis. If that thought brought you to the edge of your seat, then today’s report might leave you with your jaw hitting the floor.
According to a latest report by The New York Times, a cyber gang based in Russia has managed to grab hold of more than a billion Internet based credentials. Yes, a billion, that is not a typo. The information includes usernames, passwords, email addresses and other personal information from various sources.
The discovery of the incident was made by a security firm based in Milwaukee, called Hold Security, and according to their findings, around 420,000 websites were compromised, which includes big name companies (Fortune 500 included) to smaller websites. But the story doesn’t end there; the report reveals that a total of 1.2 billion username and password combinations were compromised, including 500 million email addresses.
The sites which have been compromised haven’t been named in the report, citing “nondisclosure agreements and a reluctance to name companies whose sites remained vulnerable.” But a quick check on the findings reveal that this incident is indeed authentic and a lot of personal information is at stake.
The good news however, is that the information is not being sold or hasn’t been made public by those behind the incident, but instead, the information is being used to spread out spam.
The NYT report also reveals that the Russian group is said to be run by a less than a dozen men who are aged less than 30, and their work can be traced back to 2011.
Having this incident taken place, it’s a good practice to change / refresh your passwords on different sites from time to time. And it has also been noted on several occasions that the same password shouldn’t be used for multiple accounts. Though keeping the same password across different sites is considered a cheap practice for saving time and memory, but it can have dire consequences as outlined in this report.
It would be interesting to see how the whole incident is taken care of. Will the information be made public? Or will sources remain silent on this one?
Only time will tell.