A Russian hacker is claiming to have obtained hundreds of millions of login credentials for various email services. While the single-largest set of data appears to have come from Mail.ru, details from millions of Gmail, Microsoft, and Yahoo accounts are said to be part of the breach.
Hundreds of millions of hacked user names and passwords for email accounts and other websites are being traded in Russia's criminal underworld, a security expert told Reuters.
The data breach was uncovered by Hold Security, according to Reuters:
"After eliminating duplicates, Holden said, the cache contained nearly 57 million Mail.ru accounts - a big chunk of the 64 million monthly active email users Mail.ru said it had at the end of last year. It also included tens of millions of credentials for the world's three big email providers, Gmail, Microsoft and Yahoo, plus hundreds of thousands of accounts at German and Chinese email providers."
Russia's own Mail.ru email service accounts for the majority of hacked accounts at 57 million, but a large number also belong to Gmail, Hotmail and Yahoo Mail users. Yahoo Mail credentials totaled 40 million, or 15 per cent of the haul, Hotmail accounted for 33 million, or 12 per cent, while 24 million, or 9 per cent, belonged to Gmail account holder.
It has since been revealed that 42.5 million of the credentials have never been seen before in previous leaks.
wasn't just email accounts that were targeted, according to the report,
with Holden also discovering thousands of other stolen username and
password combinations that appear to belong to employees of some of the
largest US banking, manufacturing and retail companies.