Russian Email Provider Rambler.ru Hacked, 100 Million Accounts Leaked

The Russian search internet giant stored passwords in unencrypted plaintext

Four years after Russia’s version of Facebook was compromised in 2012, it has been revealed that nearly 100 million users of Rambler.ru, one of the biggest Russian web portals have surfaced online, confirmed LeakedSource. The compromised Rambler.ru records were added to the LeakedSource database on Monday. The company competes with Yandex, and Mail.ru (which also owns VK.com) which made headlines for a second time this year for falling victims to the hackers again.

โ€œNearly 100 million records have been leaked online in yet another โ€œmega breachโ€, this time from the website Rambler.ru ย for those who donโ€™t already know, they are the โ€œRussian version of Yahooโ€. Rambler.ru was hacked for 98,167,935 users on February 17th, 2012 and this data set was provided to us by [email protected] who also provided the Last.fm mega breach.

Each record contains:

A username/email address
Password
ICQ # (yeah)
And some other internal data

โ€ reads the notification published by LeakedSource.

Leakedsource has verified the authenticity of the leaked credentials. They said, โ€œWe verified this database with the help of journalist Maria Nefedova who works for xakep.ru. Specifically we sent three of her friends the first portion of the passwords found attached to their accounts in this breach, and they were able to accurately fill in the rest (4-6 characters each) for us with 100% accuracy.โ€

The LeakedSource team also noted, โ€œNearly all of the emails in the leak end in @rambler.ru and although they apparently own a few other domains, the other domains are rarely used.โ€

The notification published by LeakedSource continues, โ€œJust like every single mega breach we have exposed before, attempts to contact Rambler by other journalists on our behalf have failed at the time of this post.โ€

Similar to the VK.com hack, passwords on rambler.ru were stored with no encryption or hashing (visible plaintext passwords). Many are expectedly predictable and have been used by hundreds of thousands of users.

Below the Top Ten passwords included in the data dump, similar to the VK.com data breach, passwords were stored in plain text.

Russian Email Provider Rambler.ru Hacked 100 Million Accounts Leaked

Rambler.ru isn’t the only Russian firm to find themselves in LeakedSource’s archive. In June this year, Russian version of Facebook VK.com was hacked and 100 million of its login credentials were stolen by unknown attackers. LeakedSource was the first to report the existence of 171 million compromised VK.com accounts. Similarly, it also reported on the existence of millions of compromised mail.ru accounts.

Source: LeakedSource

Kavita Iyer
Kavita Iyerhttps://www.techworm.net
An individual, optimist, homemaker, foodie, a die hard cricket fan and most importantly one who believes in Being Human!!!

Read More

Suggested Post