Need help? Chat now!

Hostwinds Blog

Search results for:

Security Firm Finds 360M Online Accounts on Black Market Featured Image

Security Firm Finds 360M Online Accounts on Black Market

by: Bryon Turcotte  /  February 28, 2014

Hold Security, a security company based in the United States, claims that they have "_uncovered stolen credentials from some 360 million accounts that are available for sale on cyber black markets_", according to a recent article published by Reuters. The firm is unsure of the origin of the credentials or "_what they can be used to access_"  – further confirming a risk larger than "_stolen credit card data_" – since these credentials could "_open the door to online bank accounts, corporate networks, health records and virtually any other type of computer system_, "according to the report.

According to statements in this report, the firm "obtained the data over the past three weeks, meaning an unprecedented amount of stolen credentials is available for sale underground._"  Hold's Chief Information Security Officer Alex Holden was quoted in the article to say, "_The sheer volume is overwhelming._" As the report continues to state, Holden believes that approximately 360 million records were "_obtained in separate attacks, including one that yielded some 105 million records, which would make it the largest single credential breaches are known to date." The article also stated that Holden feels much of this information was "_stolen in breaches that have yet to be publicly reported_" by companies who "_remain unaware until they are notified by third parties who find evidence of the hacking._"

The article continues to report that the compromised information includes "_user names – typically email addresses – and passwords that in most cases are in unencrypted text_" and are from "major providers such as AOL Inc, Google Inc, Microsoft Corp, and Yahoo Inc and almost all Fortune 500 companies and nonprofit organizations." Holden was quoted in the article to say, "_We have staff working around the clock to identify the victims._" Hold Security announced on its website a statement which said,  "_In addition to the 360 million credentials, the criminals are selling some 1.25 billion email addresses, which would be of interest to spammers_", according to the report.

Read more about this discovery and how security experts prepare to help the victims of this theft in the full article at the Reuters website.

Written by Bryon Turcotte  /  February 28, 2014