News came out today that there are 1 billion usernames and passwords floating about from Russian gangs. An excerpt is as follows:
The firm that uncovered the breach, Hold Security of Milwaukee, said a group of about 20 hackers from south-central Russia are to blame. The group, dubbed “CyberVor” (“vor” meaning “thief” in Russian), stole data from thousands of businesses Web sites, both small and large, and even from personal Web sites.
It appears the firm initially planned to charge for its services. According to Forbes reporter Kashmir Hill, after the Times story ran Hold Security’s Web site advertised its services to potential victims of the breach for “as low as 120$/month [sic]” with a “money back guarantee.”
Wall Street Journal reporter Danny Yadron noticed Hold’s ad and tweeted about it. It was quickly taken down. A modified version has since appeared offering pre-registration for the free 30-day trial.
We at Canary do not like this idea as you as an individual should know about any compromise of your personal information without having to pay a broker for details.
As a result of this, we are announcing that by October, individuals will be able to sign up for a free alerting service. All that will be required from you is to sign up with an e-mail address you want monitored and we’ll go from there. In fact, go ahead and register right now and we’ll approve your account, allowing you to have it monitored right off of the bat once the service is active.
Commercial users are (for now) free to sign up in anticipation of the service but it is asked that you consider a donation to Canary’s parent organisation. Individuals are not requested to do this but are also free to support us as well.
Also we need help!
Canary would love to have financial support, but what right now is really needed more is data.
We want lots of data. We want to fill up hard drives with data.
If you’re interested in helping scrape, please contact us. We’re looking for data from the following types of sources:
- Pastebin-like sites
- Resources hosted via TOR
- Message boards
- Non-English-based websites
We also welcome other sources should you have the ability to access them and have an idea on how to send it.