A gang of Russian cybercriminals is believed to have stolen 1.2 billion website credentials and more than 500 million email addresses.
An American cybersecurity company announced this week that, after seven months of investigation, it had uncovered what is most likely the largest known data breach in history.
The security firm revealed that a gang of Russian cybercriminals is believed to have stolen 1.2 billion website credentials and more than 500 million email addresses. The group was able to obtain a total of 4.5 billion credentials, but many of them were duplicates, resulting in a total of just over 1 billion.
The criminal network is made up of more than a dozen young Russian men, though no connection has been found between the gang and the Russian government, according to The New York Times. The cybercriminals started out buying stolen personal information and became small-time spammers three years ago, but began to aim for bigger targets in April.
According to CNET, a breach of this size means that almost every adult who uses email was affected by the hack. The security company that discovered the breach suggests Internet users should assume their information was compromised.
“Whether you are a computer expert or a technophobe, as long as your data is somewhere on the World Wide Web, you may be affected by this breach,” the security organization warned in a blog post this week. “Your data has not necessarily been stolen from you directly. It could have been stolen from the service or goods providers to whom you entrust your personal information, from your employers, even from your friends and family.”
Hackers used bots to steal information
The Russian group used giant botnets to steal such a large number of credentials, according to the Times. Botnets are able to do much of the grunt work for cybercriminals by automating the process of identifying vulnerabilities. When a user infected with the gang’s malware visits a website, the bot runs a test to see if it is vulnerable to SQL injection, a technique commonly used by hackers that forces a database to show its contents when a command is entered. If a site proves vulnerable, the botnet flags it and the hackers come back later to steal the information stored there.
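The SQL injection weakness described above, seen from the defender's side, as an added example that is not from the article or the security firm: a lookup that builds its query by string concatenation next to a parameterized one, plus a regression check a site owner can run against their own code. The table, the account rows and the function names are constructed for illustration.

```python
import sqlite3

def make_db():
    """Build an in-memory database holding constructed sample accounts."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT, pw_hash TEXT)")
    db.executemany(
        "INSERT INTO users (email, pw_hash) VALUES (?, ?)",
        [("alice@example.com", "hash-a"),
         ("bob@example.com", "hash-b"),
         ("carol@example.com", "hash-c")],
    )
    return db

def lookup_vulnerable(db, email):
    # Flaw: user input is pasted into the SQL text, so a quote character in
    # `email` ends the string literal and the remainder is parsed as SQL.
    query = "SELECT email, pw_hash FROM users WHERE email = '" + email + "'"
    return db.execute(query).fetchall()

def lookup_safe(db, email):
    # Fix: the value is bound as a parameter and is never parsed as SQL.
    return db.execute(
        "SELECT email, pw_hash FROM users WHERE email = ?", (email,)
    ).fetchall()

def behaves_as_data(lookup, db):
    """Regression check: input containing SQL syntax must match no account."""
    probes = ["nobody@example.com' OR '1'='1", "o'brien@example.com"]
    for probe in probes:
        try:
            if lookup(db, probe) != []:
                return False  # input changed the query's meaning
        except sqlite3.Error:
            return False      # input broke the query's syntax
    return True

if __name__ == "__main__":
    db = make_db()
    print("concatenated lookup treats input as data:",
          behaves_as_data(lookup_vulnerable, db))
    print("parameterized lookup treats input as data:",
          behaves_as_data(lookup_safe, db))
```
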
According to the security company, all types of websites were hacked, not just big names. In all, 420,000 Web and FTP sites had user data taken from them. Currently, the Russian gang hasn’t sold much of the stolen information to other criminals, instead choosing to use it to send spam messages on social media for other groups in order to collect fees, the Times reported.
“Companies that rely on user names and passwords have to develop a sense of urgency about changing this,” said Avivah Litan, a security analyst with Gartner, in an interview with the Times. “Until they do, criminals will just keep stockpiling people’s credentials.”
Major data breaches of this nature are only going to become more common, and businesses need to implement safeguards to protect their customers’ information. Unfortunately for most companies, cybersecurity is not a core competency, and putting data protection procedures in place can be daunting and time-consuming. For businesses that aren’t sure how best to protect their systems, security information and event management services are available to watch over networks 24/7 and provide actionable data about cybersecurity threats. With concierge SIEM services, in-house IT staff can be free to focus on business-critical projects while still ensuring the security of enterprise systems.