More than half a billion email addresses, and 1.2 billion username and password combinations, and are in the hands of a Russian crime syndicate, according to a New York Times report.
The database was apparently discovered by researchers at Hold Security. They haven’t disclosed which websites are affected, but there are a whopping 420,000 of them and they range from Fortune 500 firms to “very small websites.” Hold, which is about to present its findings at the Black Hat security conference this week, isn’t naming any of the affected sites just yet because of non-disclosure agreements and the fact that many remain unpatched.
This is probably the biggest illicit stash of personal information that has yet been found. However, as Forbes has pointed out, Hold also charges companies to tell them whether or not their websites have been breached — there’s arguably a potential conflict of interest here, though…
View original post 181 more words