SoylentNews

c0lo [soylentnews.org] writes:

Reuter reports [reuters.com] that security company Hold Security LLC uncovered stolen credentials from some 360 million accounts that are available for sale on cyber black markets. What is worrisome:

• the data was made available over the past three weeks, meaning an unprecedented amount of stolen credentials is available for sale underground
• it is unsure where they came from or what they can be used to access; the worst case scenario may include online bank account and private heath records
• the credentials were stolen in breaches that have yet to be publicly reported. The companies attacked may be unaware for the present

The same source reports the stash was obtained in multiple attack, but one may have yielded around 105 mils of them — if confirmed, this would make the largest single breach to date.

Hold Security LLC is the same company that uncovered the Adobe customer data breach [krebsonsecurity.com] in last year's October.

---

Original Submission