A Reuters report revealed that more than 250 million usernames and passwords for emails have been breached. Most affected email addresses were served by Russia’s popular Mail.ru and Microsoft Corporation (NASDAQ:MSFT), Alphabet Inc (NASDAQ:GOOGL), and Yahoo! Inc. (NASDAQ:YHOO). According to the report, these accounts are being used by Russia’s criminal underworld as stated by Hold Security`s Alex Holden.
Mail.ru was hit hard by the breach
Holden said that his company realized that a Russian hacker was claiming to possess more than one billion hacked email addresses, and he was ready to sell them. After eliminating the duplicated emails, the hacker’s list included 33 million Hotmail addresses, 57 million Mail.ru addresses, 24 million Gmail addresses, and 40 million Yahoo addresses.
Apart from the email addresses listed above, the hacker had thousands of other email addresses from Chinese and German servers.
Holden told Reuters the information that the Russian hacker was holding was potent. He also added that this data is floating underground, and the hacker has already shown willingness to sell it.
A Microsoft spokesman said that it is unfortunate that there are places on the internet where stolen or leaked confidential information can be posted. He further said that if someone notifies Microsoft about such platforms or the company comes across them, it will act to protect its customers. Also, the company has security measures in place to ensure that any attempt to compromise an account is detected.
Alphabet’s spokesman said that the company was unable to comment about the abuse. However, it was clarified that Google addresses abuse as quickly as possible.
This data breach is the latest in a list of recent large scale incidents. Data for more than 100 million people was stolen from nine companies last year, including News Corp (NASDAQ:NWSA) and JPMorgan Chase & Co. (NYSE:JPM).
The United States federal government was also hit by massive data breaches. In 2015, hackers accessed personal data for tens of thousands of employees from the Office of Personnel Management. Also, earlier this year, 30,000 FBI and Department of Homeland Security employees’ data was breached.