The breach was discovered by Milwaukee-based security firm Hold Security.
Records stolen included confidential material from 420,000 websites, such as 1.2 billion username and password combinations and more than 500 million email addresses.
The attacks ranged from small websites to large companies, and websites inside Russia have also been attacked.
This hacking ring is based in south central Russia, according to The Times, and consists of fewer than a dozen men in their 20s. The hackers began as amateur spammers in 2011, but could have partnered with a larger entity since.[related-posts]
The hackers used botnets to extract this type of information on a massive scale. Botnets allow hackers to infect thousands and thousands of computers with software that can allow for remote access.
These remote capabilities can allow the hacker to try and penetrate other systems without the user’s knowledge.
So, for instance, a botnet could enable your computer to enter passwords and try to hack into other websites, and you wouldn’t even notice. This makes it much harder to track the source of the attack as well, since the hackers could be using a wide range of different computers from around the world.
The best way to protect your data from attackers is by making sure you don’t use the same password for multiple accounts.
Enabling two-factor authentication is also a must, It is a feature that sends a code to your smartphone that’s required to login after entering your username and password. Many email providers offer this feature, including Gmail and Outlook among others.