[LINK] Hold security break in: 1 billion credentials stolen by hackers: SSO Alert Priority High
Kim Holburn
kim at holburn.net
Thu Aug 7 16:16:23 AEST 2014
It's very unclear exactly what's been got.
http://www.staysmartonline.gov.au/alert_service/message?id=1124610&name=1+billion+credentials+stolen+by+hackers%3A+SSO+Alert+Priority+High+
> 1 billion credentials stolen by hackers: SSO Alert Priority High
>
> Reports are emerging about a vast series of data breaches, affecting approximately 420,000 websites across the world, ranging from well known ‘Fortune 500 companies’ and ‘household names’ through to ‘very small websites’.
>
> Approximately 4.5 billion records, comprising 1.2 billion unique ‘credentials’ (such as usernames and passwords) and an estimated 500 million unique email addresses have been stolen by hackers over a period of many months.
>
> A US-based security firm Hold Security identified the breaches and has been communicating with Russian hackers it says are in possession of the stolen data.
>
> It has not released the names of the hacked websites making specific recommendations in response to these events difficult.
>
> Our best current advice is to assume your information may be affected and change your password for any sensitive sites which concern you. You should be changing your password regularly anyway as a matter of good practice. Read our other suggestions below.
>
> Hold Security says the gang initially acquired stolen credentials from fellow hackers on the black market which it used to attack email providers, social media and other websites to distribute spam and install malware. It was also able to gain access to data from a botnet (a ‘zombie’ network of infected computers that can be remotely controlled) which it used to ‘audit the internet’ identifying websites that were vulnerable to SQL injection ( a common method used for hacking websites). It then used SQL injection to steal data from these sites.
>
> According to the New York Times, independent security experts have confirmed the authenticity of the stolen data.
>
> The New York Times reports that websites from outside the US have also been targeted, and that to date, the criminals have largely focused on obtaining identity credentials. They have, ‘not sold many of the records online. Instead, they appear to be using the stolen information to send spam on social networks like Twitter at the behest of other groups, collecting fees for their work’.
>
> With such a significant amount of data and number of websites affected, there is a likelihood your information could be involved.
>
> If you are concerned about your data you should evaluate the sites you use and consider taking action to change your passwords and improve your security.
>
> More information is likely to emerge in coming days.
--
Kim Holburn
IT Network & Security Consultant
T: +61 2 61402408 M: +61 404072753
mailto:kim at holburn.net aim://kimholburn
skype://kholburn - PGP Public Key on request
More information about the Link
mailing list