The records were discovered by Hold Security, a firm in Milwaukee, the New York Times reports. After seven months of research, Hold Security identified that a Russian cyber gang was in possession of the largest cache of stolen credentials. Hold Security names the gang CyberVor (Vor means ‘thief’ in Russian) and discovered they had taken 4.5 billion records, 1.2 billion of them being unique credentials.
400,000 websites detected as vulnerable
“The gang acquired databases of stolen records for botnets that use victims’ systems to detect SQL vulnerabilities. The botnet conducted possibly one of the largest security audits ever. Over 400,000 sites were detected as vulnerable”, Hold Security writes on their website.
Transition to two-factor authentication
Eric Cowperthwaite, vice president, advanced security & strategy at Core Security, explains that this is yet another example of the pressing need for users and companies to leverage two-factor authentication. “Companies need to transition to two-factor authentication,” Cowperthwaite said. “Companies such as Facebook and Twitter have finally started offering two-factor authentication, but the bottom line is that most users aren't taking advantage of it”, Security Week reports.
Two-factor authentication would have prevented hackers from breaching personal website accounts, because an extra layer of security protects the login session. People's passwords would still have been compromised, and they should still change their passwords, but hackers would not be able to access their online accounts, as 2FA via SMS sends an extra one-time password to the user's mobile phone.
2FA as a standard method
“Banks, as a standard practice, should absolutely be using two-factor authentication,” Cowperthwaite added. “They have a certain amount of loss from fraud built into their operating model - they just accept that it will happen. This acceptance is a shame since there are many simple ways to reduce those costs significantly.”
Implementing two-factor authentication in your business is a secure and very effective way of protecting your IT networks against suspicious and malicious login attempts.