News

Technology

Web users have been advised to change their passwords once again after a hacker gave up a database of hundreds of millions of stolen email credentials to a security firm.

272 million unique email addresses and their passwords were given to Hold Security by a cyber criminal demanding 50 rubles (53 pence) for the database – a small price, but one the firm refused to pay to avoid rewarding criminal activity.

According to Reuters, the data includes accounts on Russian email service Mail.ru as well as smaller numbers of Google, Yahoo and Microsoft credentials.

The hacker claimed the ten-gigabyte haul contained 1.17 billion credentials from numerous breaches, but on closer inspection 272 million turned out to be unique. The researchers said 42.5 million of these are credentials “we have never seen before”.

According to The Guardian, the firm’s founder convinced the cyber criminal behind the database – nicknamed “the collector” – to give it up in exchange for likes on social media rather than payment after he was found bragging about it on forums.

With the credentials out there on the Dark Web, users have been advised to change their email passwords and avoid using the same ones across multiple accounts.

In March, a survey looking at global attitudes to privacy and the internet revealed that three quarters of Britons believe the Dark Web should be shut down.

Researchers also recently found malware designed to steal gamers’ login details to sell them for as little as $15 (£10) on the anonymous portion of the internet.

And analysis of the data on offer on the Dark Web has revealed that UK citizens’ stolen information can be worth up to twice as much as the same details from the US.

You may also like...

Keep Up To Date - Subscribe To Our Email Newsletter Today

Get the latest industry news direct to your inbox on all your devices.

We may use your information to send you details about goods and services which we feel may be of interest to you. We will process your data in accordance with our Privacy Policy as displayed on our parent website https://ebm.media