Change Your Email Password Now!


All indications are that you should change your email password now, according to reports from BGR, Reuters, and IB Times, among others.

According to Hold Security, the negotiation began in the usual way: bartering, talking, ‘finagling,’ etc. The provider of the leaked data asked for money, which is not uncommon in the cyber theft and password leaking field. As per their requirements and standards, the Hold Security analyst would not pay the requested amount of 50 rubles (less than $1 at the May 4, 2016 exchange rate).

An arrangement was made to trade likes on the perpetrator’s social media page for the database. The database was 10 GB in size, which is ¼ the size of the main database released in the Ashley Madison data breach. This is really not uncommon in the cybersecurity space. There must be some incentive to disclose, and notoriety and responsible disclosure are not always the motives.

After receiving the database and conducting analysis, Hold Security responsibly reported this to the applicable organizations. This was done some 10 days ago. Per BGR, the breakdown of compromised accounts after removal of duplicates is as follows:

  • 57 million mail.ru accounts
  • 24 Gmail accounts
  • 33 Microsoft (Hotmail, Outlook, etc.)
  • 40 Yahoo accounts
  • Unknown amount of private/business email credentials

The database started out with 1.17 billion records; after the duplicates were removed, only 272 million remained.
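The gap between raw records and unique accounts comes from normalizing and de-duplicating addresses before counting. The sketch below is an added example, not Hold Security's tooling: the `email:password` line format, the sample lines, and the domain-to-provider mapping are all constructed assumptions.

```python
from collections import Counter

# Constructed sample in an assumed "email:password" format (not real data).
SAMPLE_DUMP = """\
alice@mail.ru:hunter2
Alice@Mail.ru:hunter2
bob@gmail.com:letmein
bob@gmail.com:letmein2
carol@hotmail.com:qwerty
dave@outlook.com:123456
erin@yahoo.com:password
 erin@yahoo.com :password
frank@example.org:s3cret
not-an-email-line
"""

# Assumed mapping of mail domains to the provider buckets used in the breakdown.
PROVIDERS = {
    "mail.ru": "mail.ru",
    "gmail.com": "Gmail",
    "hotmail.com": "Microsoft",
    "outlook.com": "Microsoft",
    "yahoo.com": "Yahoo",
}


def summarize(dump: str):
    """Return (raw_records, unique_accounts, per-provider Counter)."""
    raw = 0
    seen = set()
    for line in dump.splitlines():
        if not line.strip():
            continue
        raw += 1
        # Split on the first separator only; the password is discarded at once
        # so the tally never retains secrets.
        address, sep, _ = line.partition(":")
        local, at, domain = address.strip().lower().rpartition("@")
        if not sep or not at or not local or "." not in domain:
            continue  # malformed record: counted as raw, not as an account
        # Same address with a different case, spacing or password is one account.
        seen.add((local, domain))
    by_provider = Counter(
        PROVIDERS.get(domain, "private/business") for _, domain in seen
    )
    return raw, len(seen), by_provider


if __name__ == "__main__":
    raw, unique, breakdown = summarize(SAMPLE_DUMP)
    print(f"{raw} raw records -> {unique} unique accounts")
    for provider, count in breakdown.most_common():
        print(f"  {provider}: {count}")
```
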

This is not the first time that Alex Holden or Hold Security has been involved with a major credential spill. Per Reuters (2016), “Holden, a Ukrainian-American who specialises in Eastern European cyber crime threats, uncovered a cache of 1.2 billion unique credentials that marked the world’s biggest-ever recovery of stolen accounts.” What a way to have ‘just another day in the office!’

Our Analysis

The How

It is unclear how this was attained, which is why we are saying to change your email password now. This may have been the result of an insider job to be able to attain 57 of the 64 million mail.ru records, if not a very clever social engineering attack. I think that it is a safe assumption that there is some overlap in the user base, but I am not sure it is up to 50% of mail.ru’s clientele. We will continue to monitor this for added information and possibly dissect the attack when we know more.

The User Side

We know you’re wondering how this affects you and why you should care. Simply put, you should change your email password now! This further compounds our stance on NOT REUSING PASSWORDS. You should be using a unique password on each site/platform that requires one. The less human-readable and the less dictionary-based the password, the better. This is another reason to use password management software, so that you can use those difficult passwords without locking yourself out.

This also helps to continue to make the case against social engineering. With this volume of credentials, I would expect people that have seen the database to begin to target people. They will attempt to collect more information to spread the damage. They will start to try to find other aliases and other accounts and target and enumerate those contacts, then spread like “Patient Zero” in an outbreak. Take this time to audit your social media and presence to ensure that you’re not giving up any information that could be used against you in that sense.

Announcements and Resources

If you believe you may have had your credentials stolen, please check out haveibeenpwned.com and enter your email address.

Advanced Persistent Security has partnered with the EC-Council to provide a discounted EC-Council Training Event to our readers and listeners. The codes are only good for the Hacker Halted event in Atlanta, GA, September 11-14 and 15-16, 2016. The codes are below; if you have any questions, contact us:

SEPTEMBER 11TH-14TH, 2016

$1,999 Courses if you register using discount code: HHAPSTRN

Choose one of the following courses and exams:

  1. Certified Ethical Hacker (C|EH)*
  2. Computer Hacking Forensic Investigator (C|HFI)*
  3. Certified Security Analyst (E|CSA/L|PT)*
  4. Certified Chief Information Security Officer (C|CISO)*

All courses include:

  • Official Courseware
  • 1 Complimentary Exam Voucher
  • Certificate of attendance
  • Lunch and coffee breaks throughout the duration of the training
  • Complimentary Pass to Hacker Halted – Atlanta conference (September 15 & 16)

September 15-16, 2016

*Individual conference passes can be purchased for $35 (down from $199). Use code: HHAPSCON

Instructions for registration:

1) Click here

2) Fill in all the necessary info

3) Enter Qty (1) for conference pass – public

4) Enter promotional code HHAPSCON (for $35 Conference Passes) HHAPSTRN (for $1,999 Courses)


References

BGR
Reuters
IB Times

 

About Joe Gray

Joe Gray is a native of East Tennessee. He joined the U.S. Navy directly out of High School and served for 7 years as a Submarine Navigation Electronics Technician. Since leaving the Navy, Joe has lived and worked in St. Louis, MO, Richmond, VA, and Atlanta, GA. His primary experience is in the Information Assurance (IA) and Cyber Security compliance field. He has worked as a Systems Engineer, Information Systems Auditor, Senior UNIX Administrator, Information Systems Security Officer, and Director of IT Security.

Joe is in pursuit of his PhD in Information Technology (with focus in Information Assurance and Security). His undergraduate and graduate degrees are also in Information Technology (with focus in Information Assurance and Security) from Capella University, where he graduated Summa Cum Laude for both degrees and completed a Graduate Certificate in Business Intelligence. He also is a part-time (Adjunct) Faculty at Georgia Gwinnett College.

Joe holds the (ISC)² CISSP-ISSMP, GIAC GSNA, CompTIA Security+, CompTIA Network+, and CompTIA A+ certifications. In his spare time, Joe enjoys reading news relevant to information security, blogging, bass fishing, and flying his drone in addition to tinkering with and testing scripts in R and Python.