CyberVor Swipes 1.2 Billion Passwords in Largest Security Breach Recorded

Share on FacebookTweet about this on TwitterShare on Google+Email this to someone

Warning! A Russian hacking group, which has been called CyberVor, has swiped 1.2 billion usernames and passwords. Hold Security is reporting that the group has stolen 540 million email addresses from 420,000 websites. A complete list of the websites that has been compromised has not yet been made available.

Change Your Passwords!

It is recommended that you change your password to protect your accounts from the CyberVor hackers. Some users will have a number of passwords that they should change. If time is an issue, we recommend changing passwords in this order to secure your accounts:

  1. Financial accounts
  2. Email addresses
  3. Social media
  4. Online shopping
  5. Any other accounts

Security breaches can put your online accounts at risk. The SpeedyPassword Team strives to keep you updated.

Hold Security says the Russian gang, which it’s been tracking for seven months, originally purchased databases of stolen information via underground forums. “There are various sites on the Internet where dumps of previously stolen user databases, such as from LinkedIn and the Adobe breaches, are easily available, or indeed the gang could have paid or traded for credentials from other gangs,” Brian Honan, an independent information security consultant based in Dublin, tells Information Security Media Group.

But earlier this year, the gang began tapping botnets to catalog SQL vulnerabilities on websites, according to Hold Security. The vendor doesn’t say if the attackers rented these services or built them up themselves, but says the results of their security scans identified “over 400,000 sites … to be potentially vulnerable to SQL injection flaws alone.” Attackers then targeted these bugs to amass their cache of stolen data.


Share on FacebookTweet about this on TwitterShare on Google+Email this to someone

November 4, 2014 / By: