Cybersecurity Firm Reports What May Be the Largest Single Personal Data Hack Ever

The Citizen's Guide to the Future
Feb. 28 2014 3:07 PM

Cybersecurity Firm Reports What May Be the Largest Single Personal Data Hack Ever

At this point it's unclear where the stolen data came from, or how many groups were hacked in the process of collecting it.

Photo by Shutterstock.

And you thought the Target hack was big. Cybersecurity firm Hold Security LLC has discovered a huge trove of 360 million stolen account credentials on a cyber black market site for stolen account and credit card information.

Hold Security, which also discovered the Adobe breach last year, told Reuters that it has been collecting data for the past three weeks and that "the sheer volume is overwhelming." If some of the username and password combinations can unlock bank accounts, medical records, or corporate networks and enterprise systems, the data breach could potentially cause bigger problems for consumers than stolen credit card numbers would.


Within the 360 million account credentials, 105 million seem to come from a single cyber attack, and if they did, that data represents the largest single data collection breach ever. Ever. Alex Holden, the chief information security officer at Hold Security, told Reuters that he thinks the data is from companies that have not yet announced that they were hacked or do not yet realize it. He said that once Hold Security processes the data, it will alert companies that seem to have been compromised. Most of the data takes the form of unencrypted email addresses and passwords from email providers like AOL, Google, Microsoft, Yahoo, everyone.

For some context, the Target hack from last fall compromised 40 million credit card numbers and 70 million accounts in all. The Neiman Marcus hack, revealed in January, was even bigger, with 1.1 million customers affected over a three-month period (so not a one-time attack). With that in mind, if data about 360 million personal accounts is just chilling on a black market site somewhere, that's a pretty big deal.

Future Tense is a partnership of SlateNew America, and Arizona State University.

Lily Hay Newman is lead blogger for Future Tense.



The World’s Politest Protesters

The Occupy Central demonstrators are courteous. That’s actually what makes them so dangerous.

The Religious Right Is Not Happy With Republicans  

The XX Factor
Oct. 1 2014 4:58 PM The Religious Right Is Not Happy With Republicans  

The Feds Have Declared War on Encryption—and the New Privacy Measures From Apple and Google

The One Fact About Ebola That Should Calm You

It spreads slowly.

These “Dark” Lego Masterpieces Are Delightful and Evocative


Operation Backbone

How White Boy Rick, a legendary Detroit cocaine dealer, helped the FBI uncover brazen police corruption.


Talking White

Black people’s disdain for “proper English” and academic achievement is a myth.

Activists Are Trying to Save an Iranian Woman Sentenced to Death for Killing Her Alleged Rapist

Piper Kerman on Why She Dressed Like a Hitchcock Heroine for Her Prison Sentencing

  News & Politics
Oct. 1 2014 7:26 PM Talking White Black people’s disdain for “proper English” and academic achievement is a myth.
Oct. 1 2014 2:16 PM Wall Street Tackles Chat Services, Shies Away From Diversity Issues 
Oct. 1 2014 6:02 PM Facebook Relaxes Its “Real Name” Policy; Drag Queens Celebrate
  Double X
The XX Factor
Oct. 1 2014 5:11 PM Celebrity Feminist Identification Has Reached Peak Meaninglessness
  Slate Plus
Behind the Scenes
Oct. 1 2014 3:24 PM Revelry (and Business) at Mohonk Photos and highlights from Slate’s annual retreat.
Brow Beat
Oct. 1 2014 9:39 PM Tom Cruise Dies Over and Over Again in This Edge of Tomorrow Supercut
Future Tense
Oct. 1 2014 6:59 PM EU’s Next Digital Commissioner Thinks Keeping Nude Celeb Photos in the Cloud Is “Stupid”
  Health & Science
Oct. 1 2014 4:03 PM Does the Earth Really Have a “Hum”? Yes, but probably not the one you’re thinking.
Sports Nut
Oct. 1 2014 5:19 PM Bunt-a-Palooza! How bad was the Kansas City Royals’ bunt-all-the-time strategy in the American League wild-card game?