A Russian hacker just unleashed a huge collection of private information, and his motivations might surprise you.
People will do nearly anything to gain attention on the Internet these days, but it is a rare occasion that they would compromise the security of millions of people’s e-mail accounts. According to a report from Reuters, however, a Russian hacker did just that this week, leaking 272.3 million stolen accounts in turn for online respect.
The hacker’s quest for Internet points has put the security of millions of people, primarily users of Russia’s biggest email service, Mail.ru, at risk. In addition to Mail.ru, accounts of Google, Yahoo and Microsoft users were compromised.
According to Alex Holden, the founder and chief information security officer at Hold Security, “This information is potent. It is floating around in the underground and this person has shown he’s willing to give the data away to people who are nice to him. These credentials can be abused multiple times.”
Hold Security has recovered large amounts of stolen data before – the company returns nearly 100 million stolen credentials back to their rightful owners each month. In addition to automated techniques for finding stolen credentials, security professionals interact with hundreds of hackers to try and hunt down large sources.
One usually associates hackers with an image of a nefarious character holding precious personal digital information hostage for extravagant ransoms, but the hacker asked for no more than 50 rubles, or roughly $1, for his prize. Hold researchers agreed to post favorable reviews about the hacker in forums for turning over the data – it’s company policy to never pay for stolen goods.
Data theft remains a huge problem in the modern world. Officials from Microsoft, Yahoo, Google and Mail.ru all acknowledged this unfortunate reality and asserted that there are constant efforts to combat the persistent threat.
A press release from Hold Security describing the details of the recovery can be found here.