DBTA - Russian Hackers Steal 1.2b Internet Credentials: Or, Why the Heck Does this Keep Happening?!
I'm decidedly old-school in a few of my habits. My morning routine, barring anything out of the ordinary, is one such example. Typically, I'll get up between 6:30 to 7:00 am, grab my first cup of coffee, and then chat with my daughters for a few minutes before seeing them off to school. Next, I make a bowl of oatmeal (a great choice for diabetics like me), pour a second cup of coffee, and browse the local paper, The Tennessean, while I have breakfast. On the morning of August 5, I had the added pleasure of spewing said coffee and oatmeal all over my morning paper when I read the headlines: Russian gang stole 1.2 billion Net passwords.
Scanning the article, midway through the details, I saw that the hackers used good, ol’ fashioned SQL injection attacks. They target approximately 450,000 websites from small mom-and-pop shops to the very largest company websites. A bit later, I read more online from The New York Times article where the story first broke.
Their efforts brought in 4.5 billion records in total, each one containing a user name and password, resulting 1.2 billion unique accounts. And of those unique accounts, a little data processing found that there were about 542 million unique email address, since many people use the same user name and password on multiple accounts.
Read the rest of this article here.
Kevin (@kekline) serves as Principal Program Manager at SentryOne. He is a founder and former president of PASS and the author of popular IT books like SQL in a Nutshell. Kevin is a renowned database expert, software industry veteran, Microsoft SQL Server MVP, and long-time blogger at SentryOne. As a noted leader in the SQL Server community, Kevin blogs about Microsoft Data Platform features and best practices, SQL Server trends, and professional development for data professionals.