The biggest concern that many users have about using the Internet is having their personal information stolen from them. It's scary how much data can be skimmed off of a simple username and password combination. But today, Reuters.com has been made privy of a recent exchange of millions of accounts that is being traded on the internet freely for as little as internet fame.
272.3 million accounts were stolen from Mail.ru, Google, Yahoo, and even Microsoft. Alex Holden, chief information security officer and founder of Hold Security, said that they discovered the Russian hacker after he started bragging online. Through a forum, the hacker had told users that he stole up to nearly 1.17 billion records and that he was looking to sell all of the information for 60 roubles (less than $1 USD). But money isn't what he really wanted. The young person handed over the entire stash to Hold Security after they promised to write comments in hacker forums praising his capabilities.
But hacks like these don't come without a cost. With the information being freely exchanged for such little compensation, hackers can utilize the data breaches and cause major problems not limited to identity theft, stolen money, and damaged reputations. In fact, thousands of the data actually belonged to US banking employees and manufacturing/retail companies that could lead to even more data breaches down the line.
It was revealed that 12%, approximately 33 million, of the account credentials stolen were Microsoft Hotmail accounts. "Microsoft has security measures in place to detect account compromise and requires additional information to verify the account owner and help them regain sole access." a Microsoft spokesperson told Reuters.com.
Alex Holden ensured readers Hold Security has a firm policy to return all stolen data that it recovers back to the original holders without any cost to the company.
While Microsoft hasn't officially suggested any recourse on protecting your data, here are a few tips that can increase your account security:
- Change your password regularly. Some sites suggest every month.
- Use a password that is randomly generated. Include a variation of symbols, letters, and numbers.
- Use a different password for every account. Having the same password for everything will result in all of those accounts being compromised at once.
- Have a different means to recover your password. Use phone or app authentication when provided.
Are you concerned that any of your accounts have been compromised? Let us know in the comments.