A mind-boggling 100 million records have been leaked online in what is sure to count as a mega-breach. The website, this time, is Rambler.ru, commonly touted as the “Russian version of Yahoo”.
Data breach notification website LeakedSource has revealed details of yet another mega-breach that has remarkably gone unreported since occurred over three years ago.
Rambler.ru, a Russian email provider that is also popularly known for it Yahoo-like homepage and features was hacked on February 17, 2012. A total of 98,167,935 accounts were accessed and stolen. Each record included the user’s username and email address, password, ICQ id and other internal data.
Most notably, the passwords were stored in unencrypted plaintext, which essentially revealed users’ passwords outright to Rambler employees.
LeakedSource added that it was able to verify the database with the help of Rambler users who were able to fill in portions of their passwords attached to their accounts that were included in the breach, with complete accuracy.
Nearly all 98 million accounts in the leak end with the suffix @rambler.ru. While the service owns other domains, they are rarely used.
Rambler.ru joins the likes of Last.fm and LinkedIn who also saw their networks and databases breached in 2012. MySpace and Tumblr, for instance, were breached in 2013.
Among the largest websites in the world, Rambler.ru is also the most visited websites in the entirety of Russia. The company offers news coverage, its vital search engine, email, advertising and more. It competes with other Russian behemoths such as Yandex and Mail.ru, the latter which suffered its own breach recently, for a second time this year alone. In fact, the last time any breach of this size revealed a company to be using plaintext passwords was during the breach of Russian social networking website VK.com.
LeakedSource has since added the cache of the leak to its searchable database after verifying its contents.
Image credit: Pixabay.