The New York Times today published a security report detailing the violations by a group believed to be the biggest identity theft on the Internet. Based on the research carried out by the security company Hold Security, Russian hackers have breached 420.000 websites, and gathered about 540 million unique email addresses. In total, 1.2 has billions of usernames and passwords.
What makes things worse is that most of the affected websites still remain vulnerable, according to Alex Holden, founder of Security Hold. A source told the Times that "some large companies" have been informed that their data is freely circulating on the internet. "
The criminal group is suspected of using the information to promote spam on social networks. The gang is believed to consist of "less than 12 men around 20, who know each other personally."
However, security researchers from Kaspersky, Symantec and University College London dispute the news and say that the private security company Hold Security has located the Russian team CyberVor, but does not provide evidence to confirm the data leak.