Mariam Nihal
Saudi Gazette
It is time to change your passwords. Apparently, hundreds of millions of hacked usernames and passwords are being traded in Russia’s criminal underworld a security expert told Reuters recently. And as much as that seems like a plot for a Hollywood movie, it is not. Although much like a script, the events played out in sequence. During the hunt, Cybersecurity firm Hold Security exposed the data breach when it came across a young Russian hacker bragging in an online forum that he had collected and was ready to give away 1.17 billion records for just 50 roubles (around three riyals). After eliminating duplicates, the cache contained 272.3 million stolen accounts, according to Alex Holden, founder and chief information security officer of Hold Security, and former chief security officer at US brokerage R.W. Baird.
The accounts include tens of millions of IDs for the biggest email providers including Gmail, Microsoft and Yahoo, as well as Russia’s Mail.ru,German and Chinese email providers.
However, reportedly the hacker agreed to give up the dataset to Hold researchers for free, after they agreed to post favorable comments about him in hacker forums. Holden said his company’s policy is to refuse to pay for stolen data. However you never know who has the data and what they are going to use it for.
The huge reserve of stolen credentials is said to be the biggest to be revealed since cyber attacks hit major US banks and retailers two years ago. A great many of the stolen accreditations seem to belong to representatives of the biggest retail, banking and manufacturing organizations in the US. It is also important to note that the stolen data could be used to engineer further cyber attacks, because many people use the same passwords across multiple websites, Hold Security warned.
So make sure you have a strong and unique password for each account. This essentially involves something no one will be able to guess, thus requiring a combination of lowercase and uppercase characters, symbols and numbers. Try not to login using your password on a public Wi-Fi. Try not to repeat the same password across multiple sites; this just makes the job easier for hackers. Try and avoid using easy or family names in your passwords or any information that can be found on your social pages easily.
