Spears Legal Technology

Disclaimer

This blog is a resource guide for informational purposes only, and not the delivery of legal, technical or other professional advice. Using the information provided on this blog does not constitute an attorney-client relationship. If you need legal advice, please consult your lawyer.

Russian crime ring amasses over a Billion credentials

It is being reported that the USA and South Korea account for over 80% of the stolen credentials. Username and passwords are not enough to protect us.

According to Hold Security, the attackers used a botnet to hunt for sites vulnerable to SQL injection hacks. They compromised roughly 420,000 websites and lifted 4.5 billion username-password combinations in all; after eliminating duplicates, the number drops down to a no-less-impressive 1.2 billion unique login combos. Hold Security has not released the names of the victim sites.


Brian Krebs has provided an excellent Q&A on the topic.


Link.


blog comments powered by Disqus