Looks like it could be time to change your password. There has been a massive breach of security exposing “hundreds of millions” of account details for many popular email services and websites.
Alex Holden, chief information security officer of Hold Security, has told Reuters that 272.3 million usernames and passwords have been stolen from users of Hotmail, Yahoo Mail, Google’s Gmail and Mail.ru, Russia's largest email service.
The majority of data comes from Mail.ru. Fifteen percent of data is known to come from Yahoo Mail, 12 percent from Hotmail, and 9 percent from Gmail. Usernames and passwords for banking and retail are also among the stolen information.
Holden advised all users of the email services to change their passwords. All of the affected email services also offer a two-step verification process, which will ask for extra information if there is an attempt to log in from a new device.
The discovery came after researchers from Hold Security found a young Russian hacker – referred to as "The Collector" – who was caught bragging about the "heist" in an online forum. Experts from Hold Security began talking to the hacker, expecting that he would ask for a high price for the extremely valuable and sensitive data. Bizarrely, the hacker asked for just 50 roubles (around 75 cents) for all of the data. Instead of big money, all he asked was that people post positive comments to his social media page.
Since the hacker released the information so readily, Hold Security fear the data could already be circulating around the online criminal underground.
Google told Tech Rader they are already looking into the issue and Mail.ru told Reuters that they are in the process of discovering the affected accounts. Microsoft, who own Hotmail, said they already have "security measures in place to detect account compromise." Yahoo has not yet responded.