The U.S. Federal Bureau of Investigation (FBI ) is investigating a report by a U.S. cyber security firm that it uncovered some 1.2 billion Internet logins and passwords amassed by a Russian crime ring. If the investigations prove the information to be correct, this could be the largest known collection of such stolen data.
Hold Security, a Wisconsin-based security firm, uncovered the massive credentials cache through months of research. As per Hold Security, a Russian group called “CyberVor” allegedly stole the logins over several years from more than 400,000 websites and servers
“The FBI is investigating the recently reported incident involving the potential compromise of numerous user names and passwords, and will provide additional information as the nature and scope of the incident becomes clearer,” agency spokesman Josh Campbell said on Tuesday to Reuters via email.
Hold Security said on Aug. 5 that it obtained the credentials from a criminal gang that it has dubbed CyberVor, which focuses on stealing login credentials.
Hold Security believes CyberVor accessed underground markets and stolen credential databases to begin their login collection and were later able to return to those markets and access data through botnet networks.