(Ping! Zine Web Tech Magazine) – A group of Russian hackers have stolen more than a billion Internet credentials from over 420,000 websites, reported security researchers on Tuesday, calling this the biggest data breach known to date.
According to The New York Times, the hack was discovered by Wisconsin based security firm Hold Security, in which researches say they uncovered that the attackers compromised more than 500 million email addresses and 1.2 billion user names and passwords.
“Hackers did not just target U.S. companies, they targeted any website they could get, ranging from Fortune 500 companies to very small websites,” said Hold Security chief information security officer, Alex Holden. “And most of these sites are still vulnerable.”
Holden noted that the stolen information has not yet been sold on the black market, adding that the data is being used by third party groups to send spam on social media websites such as Twitter.
Hold Security identified that the hacking group is located in a small city in south central Russia in a region near Kazakhstan and Mongolia, where the operation is most likely being ran by a few men in their 20s.
“There is a division of labor within the gang,” added Holden. “Some are writing the programming, some are stealing the data. It’s like you would imagine a small company; everyone is trying to make a living.”
Information to those affected by this security breach can be found here.