Cybersecurity Firm Reports What May Be the Largest Single Personal Data Hack Ever

Future Tense
The Citizen's Guide to the Future
Feb. 28 2014 3:07 PM

Cybersecurity Firm Reports What May Be the Largest Single Personal Data Hack Ever

At this point it's unclear where the stolen data came from, or how many groups were hacked in the process of collecting it.

Photo by Shutterstock.

And you thought the Target hack was big. Cybersecurity firm Hold Security LLC has discovered a huge trove of 360 million stolen account credentials on a cyber black market site for stolen account and credit card information.

Hold Security, which also discovered the Adobe breach last year, told Reuters that it has been collecting data for the past three weeks and that "the sheer volume is overwhelming." If some of the username and password combinations can unlock bank accounts, medical records, or corporate networks and enterprise systems, the data breach could potentially cause bigger problems for consumers than stolen credit card numbers would.


Within the 360 million account credentials, 105 million seem to come from a single cyber attack, and if they did, that data represents the largest single data collection breach ever. Ever. Alex Holden, the chief information security officer at Hold Security, told Reuters that he thinks the data is from companies that have not yet announced that they were hacked or do not yet realize it. He said that once Hold Security processes the data, it will alert companies that seem to have been compromised. Most of the data takes the form of unencrypted email addresses and passwords from email providers like AOL, Google, Microsoft, Yahoo, everyone.

For some context, the Target hack from last fall compromised 40 million credit card numbers and 70 million accounts in all. The Neiman Marcus hack, revealed in January, was even bigger, with 1.1 million customers affected over a three-month period (so not a one-time attack). With that in mind, if data about 360 million personal accounts is just chilling on a black market site somewhere, that's a pretty big deal.

Future Tense is a partnership of SlateNew America, and Arizona State University.

Lily Hay Newman is lead blogger for Future Tense.



The Irritating Confidante

John Dickerson on Ben Bradlee’s fascinating relationship with John F. Kennedy.

My Father Invented Social Networking at a Girls’ Reform School in the 1930s

Renée Zellweger’s New Face Is Too Real

Sleater-Kinney Was Once America’s Best Rock Band

Can it be again?

The All The President’s Men Scene That Captured Ben Bradlee

Medical Examiner

Is It Better to Be a Hero Like Batman?

Or an altruist like Bruce Wayne?


Driving in Circles

The autonomous Google car may never actually happen.

The World’s Human Rights Violators Are Signatories on the World’s Human Rights Treaties

How Punctual Are Germans?

  News & Politics
Oct. 22 2014 12:44 AM We Need More Ben Bradlees His relationship with John F. Kennedy shows what’s missing from today’s Washington journalism.
Oct. 21 2014 5:57 PM Soda and Fries Have Lost Their Charm for Both Consumers and Investors
The Vault
Oct. 21 2014 2:23 PM A Data-Packed Map of American Immigration in 1903
  Double X
The XX Factor
Oct. 21 2014 3:03 PM Renée Zellweger’s New Face Is Too Real
  Slate Plus
Oct. 22 2014 6:00 AM Why It’s OK to Ask People What They Do David Plotz talks to two junior staffers about the lessons of Working.
Brow Beat
Oct. 21 2014 9:42 PM The All The President’s Men Scene That Perfectly Captured Ben Bradlee’s Genius
Oct. 21 2014 11:44 PM Driving in Circles The autonomous Google car may never actually happen.
  Health & Science
Climate Desk
Oct. 21 2014 11:53 AM Taking Research for Granted Texas Republican Lamar Smith continues his crusade against independence in science.
Sports Nut
Oct. 20 2014 5:09 PM Keepaway, on Three. Ready—Break! On his record-breaking touchdown pass, Peyton Manning couldn’t even leave the celebration to chance.