![CarmeloWalsh[.]com](https://www.carmelowalsh.com/wp-content/themes/twentyten/images/headers/sunset.jpg)
A Russian cyber gang over the past several months has breached over 420,000 web and FTP sites to pilfer over 1.2 billion credentials. They are known as the CyberVors (Vors is thief in Russian). They used botnets to scan hundreds of thousands of websites for known vulnerabilities. Over 400,000 sites were identified to be potentially vulnerable to SQL injection flaws and the vulnerabilities were used to steal data from their respective databases.
Here is the Hold Security announcement.
Your data has not necessarily been stolen from you directly. It could have been stolen from the service or goods providers to whom you entrust your personal information, from your employers, even from your friends and family. But that doesn’t mean you’ve been hacked already. Not all of the credentials are valid or current. The CyberVor gang might have stolen credentials that belonged to an e-mail address that you no longer have or a password that you haven’t used in forever, even a default password automatically assigned to you by a website.
Hold on Hold… Hold Security will charge you to look you up? Sounds like a get rich quick scheme. So if I can claim I have 5 billion usernames and passwords and will charge you 10 dollars a month to look you up on my list… and if I can get all 5 billion of you to do so.
