A database of over 1.2 billion usernames and passwords and half a billion unique email addresses has been stolen and collected by a Russian cybercrime ring, the New York Times writes.
US internet security company Hold Security, which disclosed the information, said that â€œhackers did not just target U.S. companies, they targeted any website they could get, ranging from Fortune 500 companies to very small websites.â€
The records have been gathered from around 420,000 websites, including well-known brands as well as small Internet sites from all industries.
The 12-member hacking group and their computer servers are allegedly based in a small city in south central Russia. It appears use most of the stolen information to send spam on social networks and offer their services to other hacking groups for money.
â€œThere is a division of labor within the gang,â€ Alex Holden, founder and chief information security officer of Hold Security said. â€œSome are writing the programming, some are stealing the data. Itâ€™s like you would imagine a small company; everyone is trying to make a living.â€
The company has not disclosed the names of the victims or the hacking methods used, and Russian websites have also been affected.