How You Helped a Russian Hacking Ring Steal 1.2 Billion Passwords

Russian hackers access over 1 billion passwords
This week Hold Security shared disturbing news that a small circuit of Russian hackers has collected over a billion usernames, passwords and other information which can be used to steal identities, and commit theft. The company, based in Milwaukee, is made up of security contractors and researchers, and it has been responsible for uncovering some of the worst hacks in recent history. Alex Holden, the owner, spoke in detail to the New York Times about the profile his firm has developed on the extent of this scam.

It appears, the hackers based in a small city in South Central Russia, gathered customer information from 420,000 websites, large and small. Hold Security would not disclose which websites or who the victims are because of binding non-disclosure agreements, as well as the risk of making vulnerable companies and individuals a target for further attacks.

Other security professionals and computer crime experts have verified the information uncovered by Hold Security as authentic. They say the problem is getting worse every year, with many large companies being aware of cyber-security issues, but still unable to do much about it other than prompt customers to change their passwords.

Mr. Holden said, “Hackers did not just target U.S. companies, they targeted any website they could get, ranging from Fortune 500 companies to very small websites, and most of these sites are still vulnerable.” His firm has been trying to contact the sites that have been hacked, but some remain unreachable, and he hopes this week’s story will get the message through to companies and individuals alike that caution needs to be exercised.

Identity theft is becoming more and more prevalent, and it seems that each month authorities report a new theft, but the easiest way to protect yourself, and to lessen the chances of being targeted, is to simply vary your use of passwords.

Hackers have most of their success because so many consumers repeat the same password on the different sites we use. This means they only have to get hold of a single password, and then run an analysis on popular sites to see if that password will open other services in your name as well. For those who use the same password, one compromised password can mean the hackers have access to dozens of sites you frequent.

It’s a common mistake, and in this increasingly digital world, where every website from your supermarket to your social media account is password protected, it can be hard to remember them all. This is why many experts recommend using password managers. They are simple programs which can both formulate strong passwords and protect the ones you have. With a password manager you only have to remember one password to get access to the rest of your data.

In the meantime, be cautious with your identity. Change your passwords regularly, and take care to question any unexpected requests for money on social media or by email. It’s far better to be safe than sorry.

(Photo courtesy of Don Hankins)

This entry was posted in Personal Finance, Saving Money, Website and tagged , , , , , , , . Bookmark the permalink.

One Response to How You Helped a Russian Hacking Ring Steal 1.2 Billion Passwords

  1. Frank says:

    Great article. I recommend using a Sticky Password for all the work with passwords, but there are also many other password managers like Lastpass and Dashlane which will do the job.

Leave a Reply

Your email address will not be published. Required fields are marked *