While I was writing about the BuzzersForum data breach, the news of another clamorous incident is circulating online, this time, the victim is of the Russian biggest web portals, Rambler.ru.
Rambler.ru is one of the largest websites in the world, it provides search, news, email, and advertising, it is a sort of Russian version of Yahoo. Company’s Russian competitors are Yandex, and Mail.ru.
It seems that the Russian internet website Rambler.ru has been hacked and 98 million accounts leaked online, but the most disconcerting news is that the giant stored passwords in plaintext.
According to breach notification service LeakedSource, the data breach occurred on 17 February 2012 and it hasn’t been reported in subsequent years.
The Rambler.ru data breach was reported by the same user who disclosed the incident occurred in 2012 at Last.fm that resulted in the leakage online of roughly 43 million accounts having the passwords were in cleartext.
“Nearly 100 million records have been leaked online in yet another “mega breach”, this time from the website Rambler.ru which for those who don’t already know, they are the “Russian version of Yahoo”. Rambler.ru was hacked for 98,167,935 users on February 17th, 2012 and this data set was provided to us by firstname.lastname@example.org who also provided the Last.fm mega breach.
Each record contains:
” reads the notification published by LeakedSource.
Leakedsource has verified the authenticity of the leaked credentials with the help of the journalist Maria Nefedova who works for xakep.ru.
“Specifically we sent three of her friends the first portion of the passwords found attached to their accounts in this breach, and they were able to accurately fill in the rest (4-6 characters each) for us with 100% accuracy. Just like every single mega breach we have exposed before, attempts to contact Rambler by other journalists on our behalf have failed at the time of this post.” continues the notification published by LeakedSource.
Below the Top Ten passwords included in the data dump, similar to the VK.com data breach, passwords were stored in plain text.
(Security Affairs –Rambler.ru data breach, hacking)