Washington: Russian hackers stole 1.2 billion Internet credentials from major US companies and others around the world in what is likely the biggest data breach ever, security researchers said on Tuesday.
The US firm Hold Security said the gang which it dubbed “CyberVor” collected confidential user names and passwords were stolen from some 420,000 websites, ranging from household names to small Internet sites.
“As long as your data is somewhere on the World Wide Web, you may be affected by this breach,” Hold said in a statement on its website.
“Your data has not necessarily been stolen from you directly. It could have been stolen from the service or goods providers to whom you entrust your personal information, from your employers, even from your friends and family.”
The security firm, which specializes in research on large data breaches, said the cybergang acquired databases of stolen credentials from fellow hackers on the black market, and then installed malware that allowed them to gain access to many websites and social media accounts.
“To the best of our knowledge, they mostly focused on stealing credentials, eventually ending up with the largest cache of stolen personal information, totaling over 1.2 bn unique sets of e-mails and passwords,” the researchers said.
