Millions of email account passwords may be compromised
A security expert claims that the safety of millions of email accounts have been compromised by a Russian hacker. So, if you use Gmail, Hotmail or Yahoo for you email it’s well worth changing your passwords.
According to Alex Holden of Hold Security, the details of 272.3 million emails accounts are being freely traded online having been obtained by a young Russian hacker. The most impacted email provider was mail.ru where the majority of users have had their details, including passwords, pinched. Other providers were affected too.
Holden says: “This information is potent. It is floating around in the underground and this person has shown he’s willing to give the data away to people who are nice to him. These credentials can be abused multiple times.”
The real risk here is whether you repeatedly use the same password across sites. The established pattern from such scams is that people may be using the same password and scammers try their luck to access other accounts a person may have.
Password security is always a bore but now is likely a good time to review your behaviour and change the most vital passwords you use online.
as usual the paranoia myth and overreaction cause more trouble than an actual hack
I have always considered that the Password for such as my email provider was mine alone. Yet I was trying to re-sign up for a particular Website and it wanted my email Password(it didn’t get it and what it did get was an irate email from me telling it why I was not going to give it). But why do so many Websites require applicants to provide the email address and then the Password???
Obviously if they get the Password they can compromise your email or whatever. But why do websites that on the surface are honest and respectable even ask for the password. In my case if Daltons the Commercial Property site block me out..well so be it but I am not going to give them my password.
In case anybody wonders why I am trying to get onto Daltons it is because I am looking for a Commercial Property in Cornwall. But up until now they continue to give me details of just about the whole of the UK with the possible exception of Cornwall. So so far they are just wasting my time.
Chris T – I think that you have got that wrong! What they want is your email address which then acts as both a unique user ID on their site as well as a comms channel. They then want you to create/enter a password to use on their site as a ‘secure’ login for that email address. It is not the password for your email account.