1.2 Billion Reasons to Worry: Security firm reports Russian crime ring compromised 1.2 billion usernames and passwords

Posted on 08/05/2014 at 04:21 PM by John Lande

The New York Times reported today that a Russian criminal organization obtained over 1.2 billion username and password combinations, and more than 500 million email addresses. The information was gathered from 420,000 websites. The compromised websites include well known and lesser known websites.

The New York Times reports that the criminal organization has no intention of selling the data on the black market, yet. For now, the information will be used to send spam marketing to users for a fee.

This story highlights the ongoing security risks of operating online. The Heartbleed vulnerability, discussed by this blog, earlier this year was another. Users who have had their usernames and passwords compromised may not realize that this could also mean access to their financial websites is also compromised. Many online users have the same login information for multiple sites, so when one is compromised it means that all are compromised. This is a problem for banks because it could mean significant exposure due to Regulation E.

Banks should consult with their cybersecurity experts about the best way to safeguard their systems. They should also consult their legal counsel to make sure they understand their liability risks in light of these kinds of security breaches because there are different legal standards for consumer and corporate losses.

The material in this blog is not intended, nor should it be construed or relied upon, as legal advice. Please consult with an attorney if specific legal information is needed. 

- John Lande


Questions, Contact us today.

Contact Us


The material, whether written or oral (including videos) that is posted on the various blogs of Dickinson Bradshaw is not intended, nor should it be construed or relied upon, as legal advice. The opinions expressed in the various blog posting are those of the individual author, they may not reflect the opinions of the firm.  Your use of the Dickinson Bradshaw blog postings does NOT create an attorney-client relationship between you and Dickinson, Bradshaw, Fowler & Hagen, P.C. or any of its attorneys.  If specific legal information is needed, please retain and consult with an attorney of your own selection.

There are no comments yet.
Add Comment

* Indicates a required field