Over a Billion Passwords Stolen

Discussion in 'PC Performance, Security, and Tips' started by webmaster, Aug 7, 2014.

  1. webmaster

    webmaster Administrator Staff Member

    Russian Hackers Amass Over a Billion Internet Passwords

    A Russian crime ring has amassed the largest known collection of stolen Internet credentials, including 1.2 billion user name and password combinations and more than 500 million email addresses, security researchers say.

    The records, discovered by Hold Security, a firm in Milwaukee, include confidential material gathered from 420,000 websites, including household names, and small Internet sites.

    http://www.nytimes.com/2014/08/06/t...billion-stolen-internet-credentials.html?_r=0

    -------------------------------------------------------------

    Here is what you can do to protect yourself:

    • Make sure you don't share passwords between sites and periodically change them.

    • Use a password manager. Some good ones are Lastpass, RoboForm, and Keepass. These password managers will allow you to store a complex password for each site and automatically log you in. Make sure your main password (to access the password manager) is difficult, written down, and kept someplace secure.

    • Use multifactor authentication on critical sites when available.

    Password managers - http://en.wikipedia.org/wiki/List_of_password_managers
     
  2. The Dark King

    The Dark King Well-Known Member

    Sms password protection is great too
     
  3. Bliss

    Bliss Well-Known Member

    Good to know of the breaches.
    Ok, I may be asking a stupid question per the bolded, but if they have hacked other encrypted sites, wouldn't it be just as easy for them to hack these password-manager sites?
     
  4. Skylight

    Skylight Active Member

    That's a good question...

    According to Wikipedia's article on password managers

    "A compromised master password renders all of the protected passwords vulnerable. This demonstrates the inverse relation between usability and security: a single password may be more convenient (usable), but if compromised would render all of the held passwords compromised."

    So you are right to be concerned. In the end it comes down to how safe, trustworthy, and robust these password manager websites are.

    Not long ago, I read there was a meeting between web and internet security technology groups to discuss a single-password for web users. That would be great for internet developers and users. But I think it'll be some time before we see that happen.

    I'm concerned that a single password may be an opportunity for some web developers like Google to identify and track users' browsing habits. I hope they don't go in that direction.
     
  5. Otis

    Otis New Member


    -Never log on to the internet (& STAY AWAY from the deep web)
    -Don't even bother keeping a bank account
    -Stick to operating a flip style cell phone
    -Pay cash for EVERYTHING!!

    Even then...you are vulnerable.

    There simply is no way around it. Your information in the internet age is inherently vulnerable. Face it folks: a password ain't gonna protect you. (and I can't say it any better than Wired can)

    But life isn't over. It just means that we must learn to live with the acceptable risk that hacking--phishing, password dumps, DDOS attacks, et al--are part of the information age.


    I am not a computer engineer, but if mega-multinational conglomerates and national retail chains, not to mention banks (which have security tougher than anything outside of high level Sovereign Govt facilities) can & do get hacked, how on earth is some simple little consumer product sold retail gonna stop a motivated cyber-criminal? You do the math.

    But (and here's the BUT) as individual consumers, we can protect (to a reasonable degree) our personal information on our laptops & phones. Well, in theory. Because as private individuals, we are low value targets. Now, if you work for DeBeers, then that might be a different story.

    But honestly, what worries me is not whether some asshole will crack my laptop's security; it's whether or not some group of assholes will crack my state DMV, or health insurer's database. Because that's where the goodies are. And if you read the paper, you know that these (and other) entities have largely been powerless to stop them.

    <Ahem!> Sorry for the long post, but I thought it necessary to make the point.
     
  6. goodlove

    goodlove New Member

    there u go.

     
  7. Otis

    Otis New Member

    Straight up man. Core belief.

    Hacking (unfortunately) is the perfect crime nowadays. When's the last time you heard of an entire ring of hackers

    1) Getting caught--again, the entire group. Not just elements of that group.

    2) Having the hacked information or proceeds being recovered. As far as I know, they always make out with the loot!

    Damn what that tv show is talkin' bout: hacking is the perfect crime. Hell, it even beats high-level finance fraud. Those guys get caught far more often because they're greedy. Normally the paper trail nails 'em.

    But hacking is the Jordan of criminality. The press will famously report their exploits in intricate detail. You will learn how they did it, but you never see a mug shot attached to that story. Do you?
     
  8. Bliss

    Bliss Well-Known Member

    Hmmm...concern realized..

    Have you been hacked? Password manager OneLogin is hit by a major breach and warns data has been compromised
    • Microsoft Office 365, Google Analytics, LinkedIn and Slack all use the service
    • Encrypted data may have been decrypted on the sign-on service
    • Company has more than 2,000 customers in more than 44 countries
    • Spokesperson said they are trying to 'verify the extent of the impact'


    http://www.dailymail.co.uk/sciencet...ord-manager-OneLogin-hit-security-breach.html
     
  9. DudeNY12

    DudeNY12 Well-Known Member

    It's a jungle. I'm IT, but I'm actually glad I'm not in IT security.
     
  10. Soulthinker

    Soulthinker Well-Known Member

    I learn something every day.
     

Share This Page