360 million stolen credentials up for sale on cyber black market


by CBR Staff Writer| 26 February 2014

The data includes user names from email addresses and passwords

Details of about 360 million accounts are up for sale on cyber black markets, according to a US-based security firm

Hold Security collected information over the past three weeks that have yet to be reported publicly.

The company's chief information security officer, Alex Holden, said: "The sheer volume is overwhelming," Holden told Reuters.

The 360 million records of data were obtained in separate attacks, with one of them yielding about 105 million records, making it the massive sole credential breaches till date.

"We have staff working around the clock to identify the victims."

The data includes user names from email addresses and passwords that in many of the cases were in unencrypted text.

The detected email addresses were from major providers including AOL, Google, Microsoft and Yahoo, as well as Fortune 500 firms and non-profit organisations.

Recently, there were several payment-card data breaches, including massive one at US retailer Target, which cost over $200m to financial institutions in replacing their credit and debit cards.

Post a comment

Comments may be moderated for spam, obscenities or defamation.

Join our network

716 people like this.
1564 people follow this.

Security Intelligence

Privcy Policy

We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.