The New York Times reports that: “A Russian crime ring has amassed the largest known collection of stolen Internet credentials, including 1.2 billion user name and password combinations and more than 500 million email addresses”.
Hold Security, the company who discovered the compromised records, will not name the victims due to non-disclosure agreements. However, the targeting appears to have been widespread, from Fortune 500 companies to small websites. Personal information falling into the hands of thieves remains a large problem. Back in December, we saw Target falling victim to such theft. Despite the technology for biometrics being now widely available, user names and passwords are still too prevalent, and are leaving many companies highly vulnerable to attack.