Pixalo Photography Community

Go Back   Pixalo Photography Community > Photography Forums > Computer hardware, software, networking and internet

Computer hardware, software, networking and internet: Discuss Webmail firms probe login 'leak'...Webmail firms probe login 'leak' The majority of the "hacked" logins appear to be for mail.ru accounts Several popular webmail ...
Welcome to the Pixalo Photography Community. As a Guest you are free to browse the site, but see what extras you get as a Member here.


Reply
 
LinkBack Thread Tools Display Modes
Old 04-05-2016, 23:36   #1 (permalink)
Pixalo Crew
 
dabhand16's Avatar
 
Join Date: Jun 2006
Location: Dunstable Bedfordshire UK
Posts: 30,267
dabhand16 is a glorious beacon of lightdabhand16 is a glorious beacon of lightdabhand16 is a glorious beacon of light
dabhand16 is a glorious beacon of lightdabhand16 is a glorious beacon of lightdabhand16 is a glorious beacon of lightdabhand16 is a glorious beacon of lightdabhand16 is a glorious beacon of light

Image editing O.K.
User's Gallery
Users Camera Equipment List
Webmail firms probe login 'leak'

Webmail firms probe login 'leak'

The majority of the "hacked" logins appear to be for mail.ru accounts

Several popular webmail providers are investigating a report that millions of their users' login details are being shared online by a hacker.

Google Gmail, Yahoo Mail, Microsoft Hotmail and Mail.ru are among the services said to have been affected.

The security firm that flagged the issue said that it believed many of the usernames and passwords involved had not been leaked before.

However, it is not clear whether users' accounts have actually been breached.

Hold Security said it had obtained a total of 272 million unique pairs of email addresses and unencrypted passwords from the hacker, 42.5 million of which the company had not seen in earlier leaks.

It said the cybercriminal had initially asked for 50 roubles (75 cents; 52 pence) in exchange for the list, but eventually gave a copy away without charge after Hold's staff posted favourable comments about him in a forum.

Even if many of the credentials are out of date or inaccurate they could still be abused, the company warned.

"There are hacker sites that advertise 'brute forcing' popular services and store fronts by taking a large amount of credentials and running them one-by-one against the site," Alex Holden, the firm's chief information security officer, told the BBC.

"What makes this discovery more significant is the hacker's willingness to share these credentials virtually for free, increasing the number of... malicious people who might have this information."

Inactive combinations


According to Hold's analysis:

57 million credentials were for Mail.ru accounts
40 million were for Yahoo accounts
33 million were for Hotmail accounts
24 million were for Gmail accounts

However, Mail.ru - Russia's most used webmail service - said its initial investigation suggested the problem might not be as bad as the figures indicated.

"A large number of usernames are repeated with different passwords," a spokeswoman said.

"We are now checking whether any combinations of username/password match [active accounts] - and as soon as we have enough information we will warn the users who might have been affected.

"The first check of a sample of data showed that it does not consist of any real live combinations of usernames and passwords."

Microsoft said it had measures in place to identify compromised accounts.

"[We would require] additional information to verify the account owner and help them regain sole access," said a spokesman.

Google said: "We are still investigating, so we don't have a comment at this time."

And Yahoo added: "We've seen the reports and our team is reaching out to Hold Security to obtain the list of accounts now. We'll update going forward."

Phishing warning

Image caption Cybercriminals could still make use of the list of emails even if the passwords do not work

Hold Security has a track record for bringing significant cyber-breaches to light, including past hacks of Adobe and the US retailer Target.

Independent security consultant Alan Woodward said people should remain alert to the dangers of phishing emails.

Even if the vast majority of the passwords did not work, he explained, cybercriminals could still use the list of email addresses to bulk-send scams.

"Assuming the email addresses are valid, they still give criminals the ability to mount certain types of attack," he said.

However he added there was "no need to panic" or for people to change their passwords at this point.

Source BBC
__________________
Graham
dabhand16 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


Similar Threads
Thread Thread Starter Forum Replies Last Post
Blackshades: Arrests in computer malware probe dabhand16 Computer hardware, software, networking and internet 0 19-05-2014 17:11
Blackberry Messenger launch thwarted by app leak dabhand16 Computer hardware, software, networking and internet 0 23-09-2013 17:11
Canon 40D leak Steve Cameras, Lenses and Accessories 30 04-02-2007 23:39
Apple's iPod faces patent probe Steve News 0 15-06-2006 10:37


All times are GMT +1. The time now is 19:44.


vBulletin Copyright ©2000 - 2017, Jelsoft Enterprises Ltd.
ReviewPost & PhotoPost vB3 Enhanced, Copyright 2003-2014 All Enthusiast, Inc.
SEO by vBSEO 3.3.0
Copyright 2006 - 2017 Pixalo.com

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197