Over 1.2 Billion Credentials Stolen By Russian Cybercriminals

A database of over 1.2 billion usernames and passwords and half a billion unique email addresses has been stolen and collected by a Russian cybercrime ring, the New York Times writes.

US internet security company Hold Security, which disclosed the information, said that “hackers did not just target U.S. companies, they targeted any website they could get, ranging from Fortune 500 companies to very small websites.”

The records have been gathered from around 420,000 websites, including well-known brands as well as small Internet sites from all industries.

The 12-member hacking group and their computer servers are allegedly based in a small city in south central Russia. It appears use most of the stolen information to send spam on social networks and offer their services to other hacking groups for money.

“There is a division of labor within the gang,” Alex Holden, founder and chief information security officer of Hold Security said. “Some are writing the programming, some are stealing the data. It`s like you would imagine a small company; everyone is trying to make a living.”

The company has not disclosed the names of the victims or the hacking methods used, and Russian websites have also been affected.