Biggest data theft: Russian hacking gang steal 1.2 billion passwords from 420,000 sites

The stolen data is being used to send scams and junk mail on Twitter – so far.

13:13 06 August 2014

According to a report published on Tuesday, Russian hackers have stolen 1.2 billion user names and passwords from 420,000 different websites in a feat that makes them the biggest data thieves around.

 

Hold Security, which uncovered the crime and which specialises in exposing security breaches, said that the identities of the websites affected haven’t been revealed yet. 

 

John Prisco, CEO of another security firm, Triumfant, reacted to the news saying: 'This issue reminds me of an iceberg, where 90 percent of it is actually underwater. That's what is going on here... So many cyber breaches today are not actually reported, often times because companies are losing information and they are not even aware of it.'

 

The breaches were reported by The New York Times, who said nondisclosure agreements require Hold Security to keep some information confidential. 

 

This break-ins further increase the doubts of the public about the security measure that both big and small companies use to protect their information online. 

 

Retailer Target Corp, whose system was hacked a few months back, is still struggling to win back its shoppers’ trust after hackers stole 40 million credit card numbers and 70 million addresses.