YOU HAVE BEEN HACKED!August 6, 2014 – 8:59 PM
Over the past 18 months, this was our conversation starter with many companies and individuals. Helping our clients prevent breaches or find their stolen data is our business. If you have been following information security, or even if you haven’t, you have probably heard of Hold Security and our work. In October 2013, we identified a data breach with Adobe Systems. Later in December that year, we independently identified and tracked the Target breach and in February 2014 we identified over 360 million stolen credentials trafficked on the black market. Overall, Hold Security played a role in identifying and helping victims with most of the largest breaches.
In the latest development, Hold Security’s Deep Web Monitoring practice in conjunction with our Credential Integrity Services discovered what could be arguably the largest data breach known to date.
Whether you are a computer expert or a technophobe, as long as your data is somewhere on the World Wide Web, you may be affected by this breach. Your data has not necessarily been stolen from you directly. It could have been stolen from the service or goods providers to whom you entrust your personal information, from your employers, even from your friends and family.
After more than seven months of research, Hold Security identified a Russian cyber gang which is currently in possession of the largest cache of stolen data. While the gang did not have a name, we dubbed it “CyberVor” (“vor” meaning “thief” in Russian).
The CyberVor gang amassed over 4.5 billion records, mostly consisting of stolen credentials. 1.2 billion of these credentials appear to be unique, belonging to over half a billion e-mail addresses. To get such an impressive number of credentials, the CyberVors robbed over 420,000 web and FTP sites.