Threat Management, Network Security

FBI begins investigation into 1.2 billion stolen credentials

The U.S. Federal Bureau of Investigation (FBI) has begun looking into the 1.2 billion stolen logins that were discovered earlier this month.

Hold Security, a Wisconsin-based security firm, uncovered the massive credentials cache through months of research. The Russian group, “CyberVor” allegedly stole the logins over several years from more than 400,000 websites and servers, according to Reuters.

An FBI spokesman told the news agency that the investigation will eventually provide additional information on the compromised data.

Hold Security believes CyberVor accessed underground markets and stolen credential databases to begin their login collection and were later able to return to those markets and access data through botnet networks.

If victims in the botnet visited a website, the group was able to check whether it was susceptible to SQL injection.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.