Hold Security has recently discovered the mass breach of FTP servers, now they are releasing news via a blog post stating “we identified nearly 360 million stolen and abused credentials and 1.25 billion records containing only email addresses.”
This discovery is much more of a threat to consumers and firms than stolen credit card details due to the possibility the sets of user names and passwords could open the door to online banking accounts, corporate networks, health records and just about any other secure location on the internet.
Alex Holden, founder of Hold Security LLC, stated in an interview that his firm acquired the info within the last 3 weeks, which means an unparalleled volume of stolen credentials is available on the black market.
“The sheer volume is overwhelming,” Holden stated, whose firm this past year helped discover a significant data breach at Adobe Systems where tens of millions of records were taken.
Holden explained he thinks the 360 million records were acquired in different attacks, which includes one that yielded 105 million credentials, which may make it the most significant single site breach seen date.
He then went on to say that he feels the credentials were compromised in breaches which have not yet been openly revealed. The firms attacked may continue to be oblivious until eventually they’re informed by third parties who uncover proof of the hacking, he explained.
“We have staff working around the clock to identify the victims,” he said.
Along with the 360 million credentials, the criminals are selling around 1.25 billion emails, which can be used in phishing attacks.