Russian Cyber Thugs Swipe 1.2 Billion Passwords

10

Comments

+ Add a Comment
avatar

DirtModeler

Well, with so many passwords stolen, it actually works in your favor.

so you have a 1:1.2Billion chance of them using YOUR password.. i have better chance of winning the lottery.

I do think there should be a real initiative to solve this once and for all.. our systems are way too hacker friendly.. we're supposed to be the most advanced country in the world.. and we're getting duped by gangs in 3rd world countries.

It's time to stop this. All of the major companies should get together and solve it. Find a solution, and put it into place.

avatar

jgrimoldy

I'm not quite sure the 1:1.2B odds really work that way. If it were just 1 person using the accounts, then yes, probably.

Instead, the information will likely be sold in bulk to many, many buyers. It's safe to assume that exploiting the stoeln accounts will be automated to at least separate the wheat from the chaff. I'm sure 1.2B accounts can be process pretty darned quickly.

Part of this problem is ourselves. Our acceptance and over-reliance of the convenience of direct-deposit, online banking, etc. Convenience comes with a price.

I still pay my bills by check/mail. I like the power that gives me. Until very recently, I insisted on my company paying me by check instead of DD.

avatar

ApathyCurve

Oh, you're one of THOSE guys. I have a few pipe fitters who think like you. That check is no more "real money" than the DD transaction. News flash for you, junior: If the banking system collapses -- for whatever reason -- the cash in your pocket will be just as worthless as the check and the electronic deposit.

Did you enter your post from a typewriter? Maybe you sent it via telegram?

No, don't bother to answer; I don't care. I know the type. You think They are following your every move. Crawl back under your mossy rock and count your bullets.

avatar

jgrimoldy

HAHAHAHA!

So much rage.

You make many assumptions and instantly throw out the ad-hominem (look it up, son) attack to anyone that disagrees with you.

You're part of the problem. Instead of rational discussion, it's instant rage and visceral attack. Nice.

avatar

jgrimoldy

avatar

firefox91

Another day, another hack. Until a list of comprised sites comes out, I'm not changing anything. I just changed all that crap a couple of months ago after Heartbleed. None of my passwords are the same anyway so I only want to change what I need to change, not all of them. I will take my chances.

avatar

Bullwinkle J Moose

Changing passwords won't make a bit of difference

We are told this every time there is another breach

Today, Forbes is recommending you start using a password manager to protect you from hackers

How fucking ridiculous is that?

Should we use the one that does not contain vulnerabilities?

....and which one would that be?

They seem to have overlooked that little bit of information

Until the vulnerabilities are fixed at the source, changing passwords will do nothing to stop the breaches

avatar

Renegade Knight

The one that isn't connected to the web.

avatar

jgrimoldy

While I agree with your sense of futility, giving up in livid exasperation isn't an option.

Using a password manager would be better than using the same password for every site. At the very least, make your email password unique and difficult. Same thing with your online banking. You're probably already doing this anyway (Most MPC folks are sharper than average).

Vulnerabilities will never be completely fixed at the source. There will always be a hack. Always. I agree, that sucks.

Like with anything else, you don't need to be Fort Knox yourself, just more difficult and less enticing than the next guy.

A password manager is a good start. Keepass has very good two-phase authentication.

avatar

ddimick

I wish the media would learn the difference between passwords and password hashes. It's an important distinction, and one I would expect MPC to recognize.