A Russian crime syndicate has apparently stolen over 1 billion internet usernames and passwords from hundreds of thousands of websites, the New York Times is reporting. Hold Security, a cybersecurity firm in Milwaukee, first made the discovery. According to the firm’s founder Alex Holden, the hackers targeted not only US companies that are household names, but pretty much any website they could break into.
The latest hack, one of the largest in recent memory, came just eight months after the sizable Target credit card breach, and its aftermath is still being felt by both consumers and the Minnesota-based retailer.
Given the size and frequency of these breaches, is it time for us to move beyond the simple username-and-password combination for web security?
Orla Cox, Security Operations Manager, Symantec Security Response, Symantec, an information security and information management firm. She is currently at the Black Hat conference in Las Vegas
Stan Stahl, President, Citadel Information Group in Los Angeles; President, Los Angeles Chapter of the Information Systems Security Association. He’s been working in the field of information security since the 1980s