General Discussion
Related: Editorials & Other Articles, Issue Forums, Alliance Forums, Region ForumsRussian criminals steal 1.2 billion passwords
Russian criminals have stolen 1.2 billion Internet user names and passwords, amassing what could be the largest collection of stolen digital credentials in history, a respected security firm said Tuesday.
The news was first reported by The New York Times, which cited research from Milwaukee-based Hold Security. The firm didn't reveal the identities of the targeted websites, citing nondisclosure agreements and a desire to prevent existing vulnerabilities from being more widely exploited.
The records, discovered by Hold Security, a firm in Milwaukee, include confidential material gathered from 420,000 websites, including household names, and small Internet sites. Hold Security has a history of uncovering significant hacks, including the theft last year of tens of millions of records from Adobe Systems.
So far, the criminals have not sold many of the records online. Instead, they appear to be using the stolen information to send spam on social networks like Twitter at the behest of other groups, collecting fees for their work.
Continue reading the main story Continue reading the main story
But selling more of the records on the black market would be lucrative.
While a credit card can be easily canceled, personal credentials like an email address, Social Security number or password can be used for identity theft. Because people tend to use the same passwords for different sites, criminals test stolen credentials on websites where valuable information can be gleaned, like those of banks and brokerage firms.
Like other computer security consulting firms, Hold Security has contacts in the criminal hacking community and has been monitoring and even communicating with this particular group for some time.
http://www.nytimes.com/2014/08/06/technology/russian-gang-said-to-amass-more-than-a-billion-stolen-internet-credentials.html?hp&action=click&pgtype=Homepage&version=LedeSum&module=first-column-region®ion=top-news&WT.nav=top-news&_r=0
Hotler
(11,433 posts)GOP all up in arms demanding an investigation, you know, all Benghazi like.......
DeSwiss
(27,137 posts)...as another reason for Congress to expand their surveillance capabilities. To protect and serve us all the better. You see there's a jungle of terrorists and Russian criminals out there just waiting to hack our ESTY and Netflix accounts.
- They already know we're about maxed-out on the cards and that there's no savings to steal......
magical thyme
(14,881 posts)winter is coming
(11,785 posts)Skittles
(153,170 posts)I cannot imagine being that naïve.
Logical
(22,457 posts)it's called being LOGICAL
Logical
(22,457 posts)We're doing. So you can sound more informed!
Happens a lot here.
Skittles
(153,170 posts)maybe because I have to have dozens of passwords at my job but I have never reused a password and am surprised ESPECIALLY after so many well-publicized breaches that people would still consider doing that
doxydad
(1,363 posts)I deal with people in their 40's thru 70's and ...as a rule I do not need thier passwords to get in their computers...they use 12345. they use PASSWORD, they use the name of their cats....it's insane.
Skittles
(153,170 posts)I did not realize it was that common - ESPECIALLY now that there have been so many highly-publicized security breaches
whereisjustice
(2,941 posts)give them a few hundred billion dollars a year with ZERO oversight and the power to label you a terrorist and detain/harass you and confiscate your computer & cell phone when you travel.
eallen
(2,953 posts)Any bank or commercial site that saves your password is derelict, by their doing so.
While having a different password for every site is difficult, I would recommend a different password for your important accounts, than the one you use for more ordinary sites.
Like this one.