Security Firm Finds 360M Online Accounts on Black Market

Hold Security, a security company based in the United States, claims that they have “uncovered stolen credentials from some 360 million accounts that are available for sale on cyber black markets“, according to a recent article published by Reuters. The firm is unsure of the origin of the credentials or “what they can be used to access”  – further confirming a risk larger than “stolen credit card data” – since these credentials could “open the door to online bank accounts, corporate networks, health records and virtually any other type of computer system“, according to the report.

According to statements in this report, the firm “obtained the data over the past three weeks, meaning an unprecedented amount of stolen credentials is available for sale underground.”  Hold’s Chief Information Security Officer Alex Holden was quoted in the article to say, “The sheer volume is overwhelming.” As the report continues to state, Holden believes that approximately 360 million records were “obtained in separate attacks, including one that yielded some 105 million records, which would make it the largest single credential breaches known to date.” The article also stated that Holden feels much of this information was “stolen in breaches that have yet to be publicly reported” by companies who “remain unaware until they are notified by third parties who find evidence of the hacking.

The article continues to report that the compromised information includes “user names – typically email addresses – and passwords that in most cases are in unencrypted text” and are from “major providers such as AOL Inc, Google Inc, Microsoft Corp and Yahoo Inc and almost all Fortune 500 companies and nonprofit organizations.” Holden was quoted in the article to say, “We have staff working around the clock to identify the victims.” Hold Security announced on it’s website a statement which said,  “In addition to the 360 million credentials, the criminals are selling some 1.25 billion email addresses, which would be of interest to spammers“, according to the report.

Read more about this discovery and how security experts are preparing to help the victims of this theft in the full article at the Reuters web site.

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.