By now you’ve likely heard about Tuesday’s New York Times report of the largest stockpile of stolen online credentials in known history. The mammoth hack job was brought to light by the cybersecurity firm Holden Security LLC, which revealed that a Russian hacking group has stolen 1.2 billion sets of unique login credentials, and more than 500 million email addresses.
The New York Times reports that the data comes from more than 420,000 websites ranging from well known companies to smaller operations. Holden Security says it isn’t revealing the names of the sites right now because doing so could pose additional risks to users. The so-called “CyberVor” gang collected more than 4.5 billion records in all, 1.2 billion appearing to be unique. There are about 2.9 billion Internet users worldwide… so it’s very likely that you’ve been affected.
Luckily, according to the Times report, many of the records have not yet been sold and are primarily being used to send spam to social networks. This is yet another painful reminder that our online accounts are not nearly as safe as we think. Do yourself a favor and beef up your password security before the (inevitable) next hack is uncovered.