360 Million User Names and Passwords For Sale

Print Email

The sheer amount of data about people’s private online information that is available for sale by criminals reached a staggering 360 million credentials. It is a sign of just how powerful cyber-thieves have become and the tremendous risk of communicating via email and keeping records online.

According to research and online security firm Hold Security:

One of the most valuable bounties for the hackers are your credentials — user IDs (email addresses) and passwords. And these credentials can be stolen not only directly from your company but also from services in which you and your employees entrust data.

Hold Security’s analysts work tirelessly to find stolen or abused credentials and alert our customers. In October 2013, Hold Security identified the biggest ever public disclosure of 153 million stolen credentials from Adobe Systems. One month later we identified another large breach of 42 million credentials from Cupid Media.

To help our customers we tracked over 300 million abused credentials that were not disclosed publicly (that is over 450 million credentials if you count our Adobe find). But this month, we exceeded all expectations! In the first three weeks of February, we identified nearly 360 million stolen and abused credentials and 1.25 billion records containing only email addresses. These mind boggling numbers are not meant to scare you and they are a product of multiple breaches which we are independently investigating. This is a call to action, and if you are concerned about integrity of your company’s user credentials we encourage you to use our Credentials Integrity Services.

Online credentials include, most importantly, user names and passwords. Reporting on the Hold Security information, Reuters revealed:

The email addresses are from major providers such as AOL Inc, Google Inc, Microsoft Corp and Yahoo Inc and almost all Fortune 500 companies and nonprofit organizations.

AOL Inc. (NYSE: AOL), Microsoft Corp. (NASDAQ: MSFT), Yahoo! Inc. (NASDAQ: YHOO), and Google Inc. (NASDAQ: GOOG) are among the largest email providers in the world, based on customer counts.

The news of data breaches of email accounts, credit card data and even information held by the federal government and major corporations seems to grow by the day. Target Corp. (NYSE: TGT) continues to stagger from the effects of customer data breach that hit as many as 110 million people who shopped at its stores during the holiday season.

While Target, other retailers, email providers and banks continue to claim heightened security to protect customer data, hackers still find ways to get around the most sophisticated methods to safeguard this information. The thieves remain at least one step ahead of companies that try to thwart them.

RSS Facebook Twitter