Over the past few years a gang of Russian hackers have been active and engaged in spam activity. In April of this year they begun to upscale their operations and began stealing usernames and passwords.
Since then, they have managed to obtain over 4.5 billion usernames and passwords. But, many of these were duplicates, bringing the total of unique credentials to 1.2 billion, including 542 million email addresses.
The scale of the hack was uncovered by American security firm Hold Security. The founder of the company, Alex Holden, has stated that “They targeted any website they could get… and most of these sites are still vulnerable.”
The hackers were able to obtain this information using a method of hacking known as “SQL injection” in combination with a network of zombie computers, which are computers that have been taken over by a hacker/virus without the users knowledge.
For now, the gang is not selling many of the credentials but using the accounts to send spam and collecting money from other companies for this service.
Our recent article on the Best free antivirus for Mac and PC can help you stay protected online.