Over 272 million email accounts have been hacked, with their passwords stolen and being sold on the dark web, it has been revealed by a cyber-security agency.
The accounts span large providers including Hotmail, Gmail, and Yahoo Mail, and are being sold at cheap prices to criminals on the dark web.
“We know he’s a young man in central Russia who collected this information from multiple sources,” said Alex Holden, founder of Holden Security, who discovered the hack. “We don’t know the way he did it or the reason why he did it.”
The dark web is a part of the internet that remains unindexed by search engines and can only be accessed using specific web browsing tools such as Tor. It is frequently used by whistleblowers, activists in tyrannous countries, and technology professionals, but its advanced anonymity and concealment also makes it a frequent habitat for cyber-criminals including hackers, terrorists, and pedophiles.
Since the mass hack has been discovered, security professionals are advising that anyone with a personal email account immediately change their password. This includes anyone who has an account with Hotmail, Microsoft, Gmail (Google Mail), Yahoo, and Mail.ru.
“The data collection of consumers, the data collection of federal government employees, it’s very obvious that it’s targeted, that it’s orchestrated, and that there is multiple groups in play here,” claimed cyber-security professional and former White House Chief Information Officer Theresa Payton to NBC News. “A breach is inevitable… That information that you’ve entrusted someone else with is eventually going to be hacked.”
“You should also be thinking about one site, one password,” advises Lucy Millington, another cyber-security professional. “So don’t reuse a password, don’t use the same password for the bank, as you do for retail shopping, as you do your email.”
In December, McAfee Labs revealed that stolen Netflix accounts were being sold on the dark web for as little as under a dollar. Hacked and stolen Spotify accounts were being sold for around $2.00, and HBO accounts were going for around $10.00, creating a popular demand for criminals on the dark web and creating a further risk to sensitive information on the internet.