Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Thursday, 23 March, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

A whopping 360 million stolen web site credentials for sale on black market

by The Gurus
February 27, 2014
in Editor's News
Share on FacebookShare on Twitter

Researchers at US cyber security firm, Hold Security LLC, have discovered stolen credentials from 360 million accounts that are available for sale on cyber black markets.
Alex Holden, chief information security officer of Hold Security LLC, said in a statement that his firm obtained the data over the past three weeks, meaning an unprecedented amount of stolen credentials is available for sale underground.
‘The sheer volume is overwhelming,’ said Holden, whose firm last year also helped uncover a major data breach at Adobe Systems Inc in which tens of millions of records were stolen. He added that he believes the records were obtained in separate attacks, including one that yielded some 105 million records, which would make it the largest single credential breach known to date. “These mind boggling numbers are not meant to scare you and they are a product of multiple breaches which we are independently investigating. This is a call to action, and if you are concerned about integrity of your company’s user credentials we encourage you to use our Credentials Integrity Services.”
Around 1.25 billion email addresses are also available for sale to potential cyber criminals. Andy Heather, VP for EMEA at Voltage Security, said organisations need a new security approach in response to this breach. He told IT Security Guru: “Traditional security approaches continue to fail to protect the real assets – which is the sensitive data. Only a data-centric approach, which neutralises the data and makes it valueless to the hackers, can ensure that when these inevitable breaches occur the data remains safe and secure.
“The fact that this involved account information and not just credit card numbers highlights that the criminals will take the path of least resistance to compromise consumers’ credit card details and bank accounts. Companies must use strong encryption to protect all personally identifiable information, especially if it can be used to gain access to consumers’ hard-earned money.”
Lancope CTO, Tim ‘TK’ Keanini added: “While these numbers are incredibly large, this information does not age well. Companies should issue a mandatory password change immediate to take themselves out of the running. This also goes for all your personal passwords. Just do it! The more alarming issue is that security folks are not ready for this type of infiltration because they wait around for security violations but the attacker here will not trigger an alarm, they will just login as the person – it could even be senior management! Without telemetry in place to be made aware of behavioural changes, the attacker goes undetected and sets up the next phase of their attack.”

FacebookTweetLinkedIn
Tags: Cyber Securitydata breach
ShareTweetShare
Previous Post

Secure Futures inspires youth to consider careers in cyber security

Next Post

Apple continues to hide its rotten security from consumers

Recent News

call centre

MyCena Improves Customer Data Access Protection in Call Centers and BPOs

March 23, 2023
Blue logo, capitalised letters. SPECOPS.

Fortune 500 Company Names Found in Compromised Password Data

March 23, 2023
Ferrari Data Breach: The Industry has its say

Ferrari Data Breach: The Industry has its say

March 22, 2023
security

What Is Observability, And Why Is It Crucial To Your Business?

March 21, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information