Massive Russian Cyber Attack Snags Passwords and More

Eastern Europe is proudly refining its reputation as the world’s top place of business for cyberthieves, as a group of Russian thieves was accused Tuesday (Aug. 5) of what is possibly the largest high-tech swindle to date. The take? About 1.2 billion usernames and passwords in addition to more than 500 million email addresses, according to a report in The New York Times.

The haul included “confidential material gathered from 420,000 websites, including household names, and small Internet sites,” The Times said.

A security company that has often identified major breaches, Hold Security, was also at the center of this discovery. “Hackers did not just target U.S. companies, they targeted any website they could get, ranging from Fortune 500 companies to very small websites,” Hold Security CISO Alex Holden told The Times. “And most of these sites are still vulnerable.”

But here’s the twist. Historically, data theft gangs that collect huge amounts of data (especially payment card data, which apparently was not at issue with this group) either sell the data to other criminal groups or use it to commit identity theft and retail payment fraud. This group, however, is apparently using it to send targeted spam.

“They appear to be using the stolen information to send spam on social networks like Twitter at the behest of other groups, collecting fees for their work,” The Times reported.