Leave a comment

Russian gang stole more than 1 billion names and passwords

Hang on to your hats, because I'm going to tell you about what could be the largest data breach in history.

Security company Hold Security - the same company that brought the huge Adobe data breach to light - is reporting that Russian hackers have stolen - get ready for it - 1.2 billion names and passwords and 500 million email addresses from more than 420,000 websites.

As you can imagine, this breach didn't happen overnight. The Russian hackers have been building infrastructure and stealing information for years. They use a number of methods to go after any site they can find, from major companies to tiny blogs.

The most common method was SQL injection, which tricks a website's database into giving hackers information they shouldn't have. All hackers have to do is send the site the right bit of code.

SQL injection flaws are common and most sites - like mine - work hard to make sure that they don't have them. Still, sites that run older database software or sites that don't set their security properly are easy to crack.

When you think of how many sites out there store user information, it's not hard to see how hackers can steal a lot of information - 420,000 websites worth of information, apparently.

Unfortunately, this is a developing story, so right now Hold Security won't say what sites are affected. Until the sites fix the problems, identifying them will just leave them open to other hackers.

Next page: So what can you do?
View Comments ()
Airliners are wide open to in-flight cyberattacks
Previous Happening Now

Airliners are wide open to in-flight cyberattacks

And the iPhone 6 release date is...
Next Happening Now

And the iPhone 6 release date is...