The report from Reuters is based on the claims of security expert Alex Holden, the founder and chief information security officer of Hold Security. The breach is said to be huge and contains the usernames and passwords of 57 million accounts for Russian mail provider Mail.ru, along with 40 million Yahoo Mail credentials, followed by 33 Hotmail accounts, and 24 million Gmail accounts.
In addition to the email breach, it was also discovered that German and Chinese email addresses and usernames and passwords associated with employees of US banking, manufacturing, and retail companies were part of the overall breach. Apparently Hold Security discovered this breach when a hacker was attempting to sell the information for less than $1 (yup, you read that right, a dollar).
So far only Mail.ru has responded to the hack by issuing a statement that reads, “We are now checking, whether any combinations of usernames/passwords match users’ e-mails and are still active.” Microsoft has also issued a statement that says, “Microsoft has security measures in place to detect account compromise and requires additional information to verify the account owner and help them regain sole access.”
We have not heard from Yahoo or Google yet.