Hacker sells 272 million Google, Yahoo and Hotmail email accounts online

Criminals could hack into the email accounts or send phishing attacks

Gmail app icon

The usernames and passwords of 272.3 million Google, Yahoo and Hotmail email users have been stolen and are now being sold online - most commonly between Russian criminals.

Victims' details could be used to break into their email accounts or to launch phishing attacks seeking further information such as bank details, Alex Holden, founder and chief information security officer of Hold Security, who discovered the breach, told Reuters, saying it is one of the biggest stashes of stolen credentials to be discovered in two years.

The email addresses affected include those hosted on Mail.ru, Google, Yahoo and Microsoft, with the Russian-hosted provider being worst hit. In fact, Holden believes 57 million accounts in use with that particular .ru domain are affected, accounting for more than 90 per cent of the company's total active users.

A total 15 per cent of the details stolen related to Yahoo email accounts, 12 per cent were Microsoft Hotmail accounts and nine per cent were Gmail email addresses.

Advertisement - Article continues below
Advertisement - Article continues below

The hacker who stole the details charged just 50 rubles (50p) for the entire collection of email details, although he is not averse to giving the database away for free to those who offer to post positive feedback about him or her on forums.

"This information is potent. It is floating around in the underground and this person has shown he's willing to give the data away to people who are nice to him," Alex Holden, founder and chief information security officer of Hold Security, said. "These credentials can be abused multiple times."

Holden said his researchers received the entire bank of data for free when his researchers sweet-talked the criminal in hacker forums.

Mail.ru said in a statement: "We are now checking, whether any combinations of usernames/passwords match users' e-mails and are still active. As soon as we have enough information we will warn the users who might have been affected."

Microsoft added: "Microsoft has security measures in place to detect account compromise and requires additional information to verify the account owner and help them regain sole access."

Featured Resources

Digitally perfecting the supply chain

How new technologies are being leveraged to transform the manufacturing supply chain

Download now

Three keys to maximise application migration and modernisation success

Harness the benefits that modernised applications can offer

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

The 3 approaches of Breach and Attack Simulation technologies

A guide to the nuances of BAS, helping you stay one step ahead of cyber criminals

Download now

Most Popular

mergers and acquisitions

Xerox to nominate directors to HP's board – reports

22 Jan 2020
operating systems

17 Windows 10 problems - and how to fix them

13 Jan 2020
public sector

UK gov launches £300,000 SEN EdTech initiative

22 Jan 2020
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020