Nearly 100 million usernames and passwords from a Russian internet giant called Rambler have surfaced online in the latest in a long line of hacks that first occurred back in 2012.
According to breach notification website LeakedSource, which obtained a full copy of the dataset, the leak consists of 98,167,935 records in total and includes usernames, passwords and email addresses. The Rambler web portal, which has been dubbed the Russian version of Yahoo, was reportedly hacked on 17 February 2012.
The data was provided to LeakedSource by a source called "DayKalif", who also provided access to a previous dump of sensitive information from Last.fm. In a blog post, the firm said it had verified the contents of the leak and uploaded the content to its searchable database for users to check if they are affected.
The passwords uncovered in the data dump were reportedly stored without encryption in a plaintext format. Furthermore, they were shockingly weak. The top five credentials were 'asdasd' (723,039), 'asdasd123' (437,638), '123456' (430,138), '000000' (346,148) and '666666' (249,812).
First launched in 1996, Rambler offers internet services to millions of Russian users including email, news portals and online shopping. The main competitors of the web giant include Yandex and Mail.ru – the latter of which recently suffered its own catastrophic hacking attack.
IBTimes UK attempted to contact Rambler.ru for comment however had received no response at the time of publication. LeakedSource said that multiple attempts to reach the service went unanswered. Exactly how the data was first leaked and who orchestrated the hack remains unclear.
Asked why the data is only surfacing now, LeakedSource told IBTimes UK: "Our best guess [is it] was some sort of Apache or Linux related 0-day. It could also be password re-use: hack LinkedIn and now you have access to corporate networks via password re-use but there's no way to be sure until we find the sources and ask them. They are really only surfacing now because we've found the people who have them."
The so-called "mega-breaches" from this time period – including Russian social media platform VK which compromised a similar amount of records – continue to mount. Other recent examples of historic – but still exploitable – leaks include Myspace, Yahoo, Dropbox and LinkedIn.
Nearly every single one of these major leaks have since been put up for sale on various underground marketplaces. Most recently, an online vendor called "doubleflag" published a selection of the hacks – Dropbox, uTorrent and BitcoinTalk forum – to the Dark Web which are now available for anyone to purchase.