Russian Gang Amasses Over a Billion Internet Passwords –

by | Aug 6, 2014 | Articles, Security, Website Security

The New York Times reported this morning that a Russian gang has managed to steal 1.2 billion usernames and passwords, and over 500 million email addresses, from vulnerable websites.

The records, discovered by Hold Security, a firm in Milwaukee, include confidential material gathered from 420,000 websites. Hold Security has a history of uncovering significant hacks, including the theft last year of tens of millions of records from Adobe Systems. Hold Security would not name the victims, citing nondisclosure agreements and a reluctance to name companies whose sites remained vulnerable.

At the request of The New York Times, a security expert not affiliated with Hold Security analyzed the database of stolen credentials and confirmed it was authentic. Another computer crime expert who had reviewed the data, but was not allowed to discuss it publicly, said some big companies were aware that their records were among the stolen information.

Alex Holden of Hold Security said most of the targeted websites were still vulnerable.

The full story is available on the New York Times website.

Protect Yourself

This would be a good time to change your passwords on the websites you use. Make your passwords “hard”, by not using common words, and by including both upper and lower case letters, numbers and punctuation symbols. They should also be of a decent length, at least 8 characters long.

You could use a service like Lastpass, which will assist you in managing passwords. Lastpass generates secure passwords automatically, and remembers them so you don’t have to. If you prefer to remember your password yourself, you can use the Password Generator provided by The Best VPN.

Protect your Website

This data was apparently stolen by making use of a common website vulnerability called “SQL injection”, which is a technique that attempts to execute SQL commands by entering them into forms on your website. Your website should be designed to block these attempts.

WordPress combined with the iThemes Security plugin is an almost impenetrable combination, which will block SQL injection and most other attacks.

Join Today

Curabitur non nulla sit amet nisl tempus convallis quis ac lectus. Donec rutrum congue.

Curabitur arcu erat, accumsan id imperdiet et, porttitor at sem. Vivamus magna justo, lacinia eget consectetur sed, convallis at tellus. Donec sollicitudin molestie malesuada. Pellentesque in ipsum id orci porta dapibus. Curabitur arcu erat, accumsan id imperdiet et, porttitor at sem. Quisque velit nisi.

By NettSite

Curabitur aliquet quam id dui posuere blandit. Proin eget tortor risus eget tortor.

Check Out These Related Posts

Are Your Children Safe Online?

Are Your Children Safe Online?

Password education should be age-appropriate: here's how Our set of best practice principles should help adults to teach the principles to children in an age-appropriate way. Shutterstock Karen Renaud, Rhodes University and Suzanne Prior, Abertay University Children...

read more