Russian Hackers Stockpile Over 1 Billion Internet Credentials: Industry Leaders Across All Sectors Likely Impacted

King & Spalding
Contact

A Russian hacking group reportedly engaged in the largest known cyberattack by amassing over 1.2 billion unique sets of usernames and passwords and 500 million email addresses from more than 420,000 web and FTP sites. The attack was uncovered by Hold Security, an information security company based in Milwaukee, which has been investigating the attack for several months. Various news reports have confirmed the company’s findings. Among the victims are “leaders in virtually all industries across the world,” including “the auto industry, real estate, oil companies, consulting firms, car rental businesses, hotels, computer hardware and software firms and the food industry,” but Hold Security is not naming specific victims. The security firm intends to reach out to individual victims confidentially. The Russian hackers reportedly utilized a hacking technique known as a SQL injection, which exploits a security vulnerability in an application’s software to inject malicious code.

Companies that are victims of the cyberattack that collect information from California and Florida residents may have an obligation under those state data breach notification laws to notify affected individuals and government agencies. In California and Florida, personally identifiable information includes an email address or username in combination with a password, among other data elements. If consumer usernames or email addresses and passwords were stolen by the Russian hackers, companies that collect that information from California or Florida residents may have a duty to notify the consumers and report the breach to government authorities.

Please see full publication below for more information.

LOADING PDF: If there are any problems, click here to download the file.

Written by:

King & Spalding
Contact
more
less

King & Spalding on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide