In 2016, we have seen a large number of cyber-attacks. Some have been successful, and others have not. A successful information breach has happened to QIP.ru; a Russian instant messaging service.
It’s being reported that 33 million QIP accounts were compromised. Heroic, a cyber security startup, said they have obtained and validated the data breach.
“We have obtained and validated a data breach of over 33 million accounts associated with the Russian instant messaging platform,” Heroic stated.
According too Heroic, a database of 33,394,101 accounts has been verified with successful password resets.
A statement the firm released said:
“The database was provided to us by renowned hacker email@example.com. The database contains user email addresses, usernames, passwords and other related fields dating from 2009-2011. The passwords within the database were stored in plain text with no encryption or hashing.”
Heroic also confirmed the breach happened in 2011. QPI.ru is the third Russian service hit by hackers. 100 million usernames and passwords where hacked from Rambler, which is like Russia’s Yahoo. Just like QIP’s leak, Rambler’s leaks didn’t come until years after the hack.
Russian social media platform, VK, also had 100 million accounts stolen this year. Passwords were also stored in plain text, making hacking the accounts much easier. The Russian internet giant, Mail.ru was also compromised. The number of data breaches in Russia is on the rise.
America is also having its share of breaches. LinkedIn, Dropbox, Myspace, and many others have happened recently. This data and more have been sold on dark net markets for pennies on the dollar to more than a thousand dollars. One such marketplace, xDedic was found to have some stolen data listings. Several hacked government servers, business servers, and university servers were found for sale. xDedic isn’t the only marketplace the information sells on. There are a multitude for private markets, that are more challenging to get to than standard markets.