A Russian criminal gang has successfully carried out the
world’s largest data breach amassing over a billion usernames and passwords as
well as over 500 million email addresses.
First reported by the New York Times, this is the single
largest breach of its kind and affects a huge variety of websites from
well-known brands to personal sites and blogs.
With over a billion ‘keys’ into people’s website accounts
the gang has a potential goldmine of information but according to the New York
Times it only appears to be using the information to spam people on behalf of
other groups and then collect the fees.
- Data Hack: A Russian Gang Just Stole Over A Billion
Passwords
Huffington Post UK, 06 August 2014
How often do we read news about username and password being
stolen by hackers? This incident addresses the need for industries to take a
better look at the methods on how to secure users’ data. On the part of the
users, people should also start to rethink how they secure themselves online.
Below are some information about the stolen user credentials and how Authicon
secure its users data.
Stolen users’ credentials
Online breaches are on the rise and every year, millions of
credentials are stolen. End-user credentials (usernames and passwords) are of
interest to spammers but what happens to the stolen information? Stolen user’s
credentials can be sold in underground markets by hackers at a varying price.
The more important the information, the higher the price tag. This is another
way of hackers getting money from your account information.
Storing user credentials
For safety reasons, we do not store users’ passwords. We
only collect the user’s “hashed username” using our hashing method. We collect
the users’ username and encrypt it, which serves as its access_id to the
system. We store the user data (username) on our own database. The database
stores the encrypted values. Source: http://blog.authicon.com/authicon_articles/data-hack-a-russian-gang-just-stole-over-billion-passwords/!
No comments:
Post a Comment