Hold Security would not release the details of affected individuals and companies, claiming some of the targeted websites were still vulnerable. According to Holden, the hacker’s names and locations have been identified, but Hold Security wouldn’t release any information except that the group is made up of fewer than 12 men in their 20s. Holden said there were no apparent links between the hackers and the Russian government.
Although personal information can promise big financial returns on the black market, the criminals behind the breach have kept most of their haul for themselves. At this time, they appear to be using the data to spam others through social networks such as Facebook and Twitter.
This isn’t the first attack to be revealed by Hold Security. The company is known for lifting the lid on substantial data breaches. In 2013, Hold Security discovered the large-scale attack on Adobe, which affected around 150 million users.
Hold Security’s discovery is the latest example of a long list of cyber-attacks on major companies and individuals – although most others pale in comparison.
Last month, Australian online retailer Catch of the Day admitted to a data breach in 2011, which potentially put customer user names, passwords, addresses and credit card information at risk. In May, auction website eBay announced it was targeted by cyber-criminals in February and March, leaving personal details and passwords in the hands of hackers.
In the US, retail giant Target was hit in December last year, as 40 million credit cards and 70 million user details were stolen by Eastern European hackers.
According to security engineer and professional “white hat” hacker Jonathan Brossard, major companies are attacked multiple times a day. In an interview with CHOICE, Brossard explained that cyber-criminals generally focus their attention on major companies, so they grab as much data as possible in a single breach.
For more on online security, see our internet section.