ALERT: 18 Million Email Accounts Compromised
Compromised accounts were being used in botnet spam campaigns. In cases where users had reused passwords on other websites, identity theft and fraudulent eCommerce were also likely to have occurred.
Authorities warn that although the discovered operation has been taken down, compromised credentials are most likely still circulating and in active use. Initial estimates state that roughly 3 million accounts contain the .de German country extension, while the remaining 15 million accounts belong to users around the world.
Verden authorities have reported their findings to the German Federal Office for Information Security, otherwise known as the BSI. The BSI has yet to release an official statement, however it is likely that they will set up a German language website where users can check to see whether their account has been compromised. This is exactly what was done in January 2014, when Verden authorities discovered a similar operation affecting 16 million accounts. Interestingly enough, a report from Spiegel Magazine (German language) indicates that the two events may indeed be connected.
For immediate protection, Emsisoft recommends that users change email passwords as soon as possible. If you have reused email passwords at other websites, you should change those too and ensure that you do not reuse your passwords between sites again. The strongest passwords are unique and utilize at least 16 alphanumeric characters or punctuation marks.
Although reports have not stated whether this attack was used to spread malware, this is always a possibility as well. An attacker could, for example, log on to a compromised account and send a malicious attachment or link to every contact in that account’s mailing list. For comprehensive protection against an attack of this nature, users should combine skepticism and a well designed anti-malware.
Have a Great (Identity-Theft-Free) Day!
Good news – The BSI has created a place for users to check if their email has been affected by the breach: https://www.sicherheitstest.bsi.de/
This is the same site that was used when the 16 million account hack was revealed in January.
Mysterious DDOS Attack Against Top 50 Website