Files containing 360 million credentials, 1.25 billion email addresses, located on Deep Web


The number of individuals impacted in data breaches is skyrocketing.

In the first three weeks of February, Hold Security – a company that aided in discovering a number of breaches, including the one at Adobe – located more than 20 data files on the Deep Web that together contain roughly 360 million email addresses with passwords, and about 1.25 billion email addresses alone.

“In sheer numbers, this is a major change in what we've seen being reported,” Alex Holden, CISO at Hold Security, told SCMagazine.com on Friday, explaining it may stem from a significant increase in the number of online accounts over time. “Even if you have a success rate that is a fraction of a percent, it's still a huge number,” he said.

The biggest file Hold Security unearthed on the Deep Web in February contained 105 million email addresses and passwords, Holden said. He added that, as with all 22 caches of credentials discovered by the company, the data in each file could be the product of multiple breaches.

The Deep Web consists of portions of the internet that are not indexed by traditional search engines and are only reachable using browsers such as Tor.  

Spammers will typically pay a pretty penny for massive lists of email addresses, and many of the email addresses in these files are for Yahoo, Microsoft, Google and AOL accounts, Holden said, adding that victims are located all over the world, including in the United States.

Investigations are ongoing and Holden said he is unsure what techniques the attackers used to obtain the email addresses and passwords. He did say that, in order to collect troves of email addresses, spammers accessed email accounts and downloaded address books.

“Some of this may come from dating sites and job sites,” Holden said, explaining that spammers will target singles and people looking for jobs because they are more susceptible to opening and responding to related emails.

Hold Security unearthed the files while seeking out information for its clients as part of its Deep Web Monitoring services, Holden said, adding the company has had discussions with law enforcement and is communicating with major organizations that have been impacted.
