Huge Email Data Breach Means Your Passwords Aren’t Safe

Conor Cawley

Emails have been hacked and your passwords aren't safe. And while a data breach seems to happen every month or so, this one is for real. Seriously, this particular hack is going to take down all your accounts, and your important information is going to be in the hands of Russian mobsters by the end of the afternoon.

Now that tensions have been relieved with a comedic tone, this data breach is actually pretty serious. As Reuters reported earlier this morning, it is one of the largest breaches since US banks and retailers dropped the online security ball two years ago. A hacker in Russia stole over 272 million email accounts. Google, Yahoo and Hotmail were among those hacked in addition to Mail.ru, Russia's most popular emailing service.

Alex Holden, founder and chief information security officer of Hold Security, was the information source for the data breach. He stated that the discovery came after Hold Security employees found a young Russian hacker bragging in an online forum that he had stolen the IDs and passwords of billions of email users around the world. After ruling out duplicates and inactive accounts, it was decided that approximately 272 million users were at risk.

“This information is potent. It is floating around in the underground and this person has shown he's willing to give the data away to people who are nice to him,” said Holden, the former chief security officer at R.W. Baird. “These credentials can be abused multiple times.”

The strangest thing about this breach, as Holden mentioned, is the immaturity of the hacker in question. Not only is he deemed a “young Russian hacker,” but he was also asking for 50 roubles for every single account. That is less than a single dollar. Even stranger, the young Russian hacker ended up lowering his price from “50 roubles” to “favorable comments from Hold Security on reputable hacker forums.” Yes, this hacker traded his bounty for a better reputation. And you would think a nod from Reuters would be enough for him.

Fortunately, most of these accounts can be secured by changing passwords. The damage should be minimal and nothing more than a few identity thieves will come away with anything more than a few bucks. Mail.ru, the biggest loser in this situation, is even keeping their cool under pressure.

“We are now checking, whether any combinations of usernames/passwords match users' e-mails and are still active,” said a representative to Reuters.

Did you find this article helpful? Click on one of the following buttons
We're so happy you liked! Get more delivered to your inbox just like it.

We're sorry this article didn't help you today – we welcome feedback, so if there's any way you feel we could improve our content, please email us at contact@tech.co

Conor is the Senior Writer for Tech.co. For the last five years, he’s written about everything from Kickstarter campaigns and budding startups to tech titans and innovative technologies. His extensive background in stand-up comedy made him the perfect person to host tech-centric events like Startup Night at SXSW and the Timmy Awards for Tech in Motion. You can email Conor at conor@tech.co.

Explore More See all news
close Thinking about your online privacy? NordVPN is Tech.co's top-rated VPN service See Deals