We need your help now
Support from readers like you keeps The Journal open.
You are visiting us because we have something you value. Independent, unbiased news that tells the truth. Advertising revenue goes some way to support our mission, but this year it has not been enough.
If you've seen value in our reporting, please contribute what you can, so we can continue to produce accurate and meaningful journalism. For everyone who needs it.
Sign in. It’s quick, free and it’s up to you.
An account is an optional way to support the work we do. Find out more.
By continuing, you are indicating that you accept our Terms of Service and Privacy Policy.
THERE HAVE BEEN warnings for Irish internet users after a recent security breach that could have seen 1.2 billion passwords fall into the hands of Russian hackers.
It is thought that passwords and usernames from as many as 500,000 websites could have been compromised in what would be one of the biggest data breaches of all time. The information about the reported theft comes from US-based company Hold Security Ltd.
There have been some questions raised over the validity of the claim due to lack of information about the hacks provided by the company and the fact they have only been recently established.
The company has also taken the unusual action of charging users $120 to check if their information has been compromised.
The original statement on the company’s website from last week states:
In the latest development, Hold Security’s Deep Web Monitoring practice in conjunction with our Credential Integrity Services discovered what could be arguably the largest data breach known to date.”
The company’s claims have been given veracity through the backing of tech expert Brian Krebs. When speaking about Hold Security’s founder Alex Holden last week on his website, Krebs said:
“I’ve known Hold Security’s Founder Alex Holden for nearly seven years… Alex is a talented and tireless researcher, as well as a forthright and honest guy.”
The threat has been identified by global security company Trend Micro as a serious issue. The company operate globally and have their European Operations Centre in Cork. The company have warned that the data of Irish users could be vulnerable to attacks by ‘cyber criminals’.
Speaking to TheJournal.ie, Trend Micro’s enterprise security director Simon Walsh noted ”it seems strange [Hold Security Ltd] appeared all of a sudden” but that “we have to take it at face value”. He went on to say:
“If you are looking for stolen credentials, [underground sites] are the kinds of places where you would hang out… they provide a huge wealth of resources to anyone trying to do this kind of stuff. You don’t need to be a cyber criminal to do this kind of thing. You can buy anything you need.”
There is talk that some of the 500,000 companies could be Fortune 500 companies. If that was the case then it is totally possible that Irish people were hit. We use the internet as much as anyone else.
A report issued earlier this year by the Trend Micro entitled ‘Russian Underground Revisited’ looked at the particular threat of the Russian online black market.
The study found the Russian marketplace to be offer a number of illegal products, including stolen credit card credentials, fake documents including passports, services to sell web traffic and malware software that can be used to steal personal data.
On what customers can do to protect their safety, Harris said: “Use different passwords for different websites and use a password manager. Try and change passwords regularly.”
To embed this post, copy the code below on your site
Hold Security says ‘we think your passwords have been compromised, give us $120 and we’ll check to see …
… right …
That reminded me of the scam phone calls telling me my computer has a virus..
Even if it’s legit, that’s what it brought to mind!
It’s not legit.
Never trust a guy using a laptop in a hoody.
Up to no good.
Exactly, why would a laptop have a hoody on?
Business… The NSA don’t wear hoodies..
No the NSA don’t need to wear hoodies when they are above the law, are allowed spy on everyone and anyone and get away with it when they are caught. It’s more propaganda against Russia by the looks of things to try prop up the make believe stories western media are falsifying against Russia
Dead right! Just beware of all “hoodies” no matter what the circumstances. Cowards, trying to hide their identity.
I just changed all my passwords cos of Paddy Power breach ….don’t tell me I have to change them all again !!
At this stage you win hackers…do your worst
First they take Georgia and then our passwords !
Napoleon warned that a resurgent Russia would go after Europe’s dairy, meat & passwords.
…..
Or at least I’m pretty sure he said that.
This story is over a week old. It has also been shown to be overhyped – much of the emails and passwords held were purchased from previous and sometimes very old hacks (such as the Target breach a year ago and other ones as old as a decade ago). The quality of the data is considered to be low as much of it is old (most passwords will have been changed in the meantime) and considering it was being sold for email spam rather than more valuable bank account hacks, etc.
Non-event. Slow news day
They’ve a bit of a cheek to be charging $120 anyway, but based on what you’ve said I’d regard it as a scam that should be investigated itself.
It’s a good job I don’t use the internet
Don’t worry. I have about 6 million passwords for everything from my Facebook to my email and work passwords. So a large chunk of the 1.2bn might just be mine.
Any chance they could hack the auditors for Anglo? Maybe the night of the Bank Guarentee ?
I’m sure die hard hacker activists will be upset over the stereotypical picture painted of them in the picture above
Love the photo illustration :-D
Crackers. The term is ‘crackers,’ not ‘hackers.’
In Soviet Russia, password hack you.
Shite, that mean I have to change all my ABC123 & Pa55word
If any of these passwords are server admin passwords, it won’t matter if you change yours…
Hmmmmm slightly ironic the US publish this in the middle of their own shamefull spying scandal, propaganda…. Old irrelevant news only sense in this story is remind “Ireland” the Russians are the baddies, c’mon FBI had Angela Merkel’s phone tapped….
guy in photo ooks like he searchin for methadone online, not passwords
Jeeze, that’s one hell of a population explosion. What are ye putting in the water?
have your say