Russian Hackers Stole 1.2 Billion Credentials

posted Aug 7, 2014, 1:53 PM by Shawn Kohrman   [ updated Aug 7, 2014, 1:57 PM ]

As noted recently in the major news outlets, the security firm Hold Security LLC announced its discovery that a Russian cybercrime gang had amassed a collection of over 1.2 billion username/password combinations.

A number of questions still remain regarding this discovery.

  1. It has yet to be clearly determined whether the credentials were bought on the black market or acquired by exploiting (hacking) websites.  Speculation points to a combination of the two.

  2. What specific websites were compromised?  As yet, the specifics have not been made public.  More importantly, it is unknown how “fresh” (newly acquired and usable) these credentials are.

  3. If the credentials are still “fresh”, what will they be used for?  Depending on the source, they can be used to access bank accounts for outright theft, to access personal email accounts for sending spam and gaining access to other accounts, or simply for spam.

While the size and scope of the database held by this criminal group are impressive, the remaining questions temper our overall reaction to the threat.


As general good practices, the IMT Security Office recommends the following:

  1. Change the password on your personal email account to something unique.  Your personal email account can be used as a gateway to all your other accounts, because those accounts usually send “Forgot Password” or “Reset Password” links to your personal email account.  Helpful instructions on creating good passwords are available at

  2. Use a password manager to help you create and manage strong, unique passwords for all your accounts.  It is extremely important to not reuse passwords at multiple sites.  However, this can make password management a chore.  More information on password managers is available at