The Russian search internet giant stored passwords in unencrypted plaintext
Four years after Russia’s version of Facebook was compromised in 2012, it has been revealed that nearly 100 million users of Rambler.ru, one of the biggest Russian web portals have surfaced online, confirmed LeakedSource. The compromised Rambler.ru records were added to the LeakedSource database on Monday. The company competes with Yandex, and Mail.ru (which also owns VK.com) which made headlines for a second time this year for falling victims to the hackers again.
“Nearly 100 million records have been leaked online in yet another “mega breach”, this time from the website Rambler.ru for those who don’t already know, they are the “Russian version of Yahoo”. Rambler.ru was hacked for 98,167,935 users on February 17th, 2012 and this data set was provided to us by email@example.com who also provided the Last.fm mega breach.
Each record contains:
A username/email address
ICQ # (yeah)
And some other internal data
” reads the notification published by LeakedSource.
Leakedsource has verified the authenticity of the leaked credentials. They said, “We verified this database with the help of journalist Maria Nefedova who works for xakep.ru. Specifically we sent three of her friends the first portion of the passwords found attached to their accounts in this breach, and they were able to accurately fill in the rest (4-6 characters each) for us with 100% accuracy.”
The LeakedSource team also noted, “Nearly all of the emails in the leak end in @rambler.ru and although they apparently own a few other domains, the other domains are rarely used.”
The notification published by LeakedSource continues, “Just like every single mega breach we have exposed before, attempts to contact Rambler by other journalists on our behalf have failed at the time of this post.”
Similar to the VK.com hack, passwords on rambler.ru were stored with no encryption or hashing (visible plaintext passwords). Many are expectedly predictable and have been used by hundreds of thousands of users.
Below the Top Ten passwords included in the data dump, similar to the VK.com data breach, passwords were stored in plain text.
Rambler.ru isn’t the only Russian firm to find themselves in LeakedSource’s archive. In June this year, Russian version of Facebook VK.com was hacked and 100 million of its login credentials were stolen by unknown attackers. LeakedSource was the first to report the existence of 171 million compromised VK.com accounts. Similarly, it also reported on the existence of millions of compromised mail.ru accounts.