The Russian mafia has seized the largest collection of stolen credentials Internet, including 1.200 million user IDs and passwords, as well as more than 500 million email addresses, security researchers claimed.The records discovered by Security Hold-a firm Milwaukee- include confidential material gathered 420,000 websites and contain both individual names and signatures of small websites. Hold Security has experience in the unmasking of hackers, such as theft, the last year, tens of millions of records of the firm Adobe Systems.
Hold Security did not identify the victims themselves justified in confidentiality agreements and a policy of not disclosing the names of companies whose online sites could be vulnerable. At the request of The New York Times, a security expert not linked to Hold Security analyzed the data of the stolen credentials and confirmed its authenticity. Another computer expert who reviewed the data said some big companies knew that their records were among the stolen information.
"The hackers not only attacked US companies
They do it with any website that can, from the Fortune 500 companies' to very small sites, "said Alex Holden, founder and head of Security Hold. "And most of those sites are still vulnerable."
There is a concern in the security community to keep personal information out of the hands of thieves is becoming a losing battle. In December, 40 million credit card numbers to 70 million addresses, phone numbers and additional pieces of personal information was stolen from the giant Target by hackers in Eastern Europe. In October, federal prosecutors said the identity theft service in Vietnam managed to recover 200 million personal records, including social security numbers, credit card information and bank account information of the signing Court Ventures. But the discovery of these incidents Hold Security diminishes as the size of the case has prompted security experts to press for improvements to protect the identity on the web.
"Companies that rely on users and passwords relationship must develop a sense of urgency about the need to change this," said Avivah Litan, an analyst at Gartner Security, a research firm. "Until they do, the criminals continue amassing credentials."
Russian websites were also hacked, but Holden said he saw no links between hackers and the Russian government. Until now, the mafia did not sell many records stolen. Apparently, they seem to be using stolen information to send spam on social networks like Twitter in order of other groups, and charging for work. But, however, sell the most records in the black market would be very lucrative.
While a credit card can be easily canceled, personal credentials such as email address may be the target of hackers. In February, Holden found a database of 360 million records for sale. "The ability to attack exceeds that of defending," said Lillian Ablon, Rand Corporation. "We played this game of cat and mouse. But lately, companies only emparchan and pray. "
0 comments:
Post a Comment