RELATED ARTICLES |
The report further stated that the information is a mix of email ids and passwords from sites like Yahoo, Gmail, Sify, different webmail addresses and a number of corporate email addresses as well.
Abhinav Karnwal, APAC technical marketing manager - enterprise, Trend Micro said the data is posted on numerous hacker forums on the underground. “These websites are not published. If a person wants to access it, they have to choose specific DNS servers or channels,” he said.
As per Trend Micro researchers, the nature of the list indicates that the email providers themselves were not hacked, but third party websites on which these users were registered were compromised.
“This is similar to the cases of the ChristianSingles and Faithwriters websites in the US last year, where a security issue with those websites allowed hackers to gain access to the complete user list and passwords for those websites,” said David Peterson, consumer products director, Australia and New Zealand, Trend Micro.
In the ChristianSingles and Faithwriters cases, the users had reused their email addresses and passwords across multiple websites and enabled the hackers to compromise the victims’ email accounts, social networking accounts, financial data through eBay and PayPal and even their business extranets.
“Many of these websites have adequate security measures in place, but those that do not have adequate security mechanisms are putting their subscribers at a serious risk. Unfortunately, it is nearly impossible for a typical internet user to assess the vulnerability risk level of such websites without some form of third-party accreditation system in place,” Peterson added.
The company recommends that it is ideal for internet users to use different passwords for each website that they sign up to. That will help them to limit their risk in the case of any website hackings.
 Limited.JPG)
Post new comment