Nearly 300 million email accounts have been hacked, compromising user names and passwords for email accounts and other websites, which are being sold on the dark web, revealed Reuters. The compromised accounts include those from the likes of Gmail, Hotmail, and Yahoo Mail, and are being traded in "Russia's criminal underworld."
Talking to NBC News, Alex Holden—founder of Holden Security, and the man who discovered the hack—said that he became suspicious after noticing a Russian hacker bragging in an online forum about having more than 1.17 billion records he was willing to give away. The bulk of the stolen accounts (about 272.3 million email accounts) include Russia's Mail.ru users. Holden said:
"We know he's a young man in central Russia who collected this information from multiple sources. We don't know the way he did it or the reason why he did it."
Cyber-security professional and former White House Chief Information Officer, Theresa Payton, told NBC News that it's likely more than one individual is behind the email hack. She said:
"The data collection of consumers, the data collection of federal government employees, it's very obvious that it's targeted, that it's orchestrated, and that there is [sic] multiple groups in play here."
Stolen email information can be used for a variety of reasons. Hackers primarily use email credentials to steal identities by luring victims into giving away more information like birthdates, credit card numbers and bank account access.
For this reason alone, anyone with a personal email account should immediately change your password. This is especially the case for those of you who have an account with Hotmail, Microsoft, Google's Gmail, Yahoo Mail, and Mail.ru.
Changing your password at regular intervals is one of the easiest and most effective ways to help keep your account secure. For an even stronger password, use special characters and a combination of upper and lower case letters, and avoid using the same password across multiple sites.