Rambler.ru data breach, 98.1 million CLEARTEXT passwords leaked online

The data breach notification service announced the Rambler.ru data breach, more than 98 million CLEARTEXT passwords were leaked online.

While I was writing about the BuzzersForum data breach, the news of another clamorous incident is circulating online, this time, the victim is of the  Russian biggest web portals, Rambler.ru.

Rambler.ru is one of the largest websites in the world, it provides search, news, email, and advertising, it is a sort of Russian version of Yahoo. Company’s Russian competitors are Yandex, and Mail.ru.

It seems that the Russian internet website Rambler.ru has been hacked and 98 million accounts leaked online, but the most disconcerting news is that the giant stored passwords in plaintext.

According to breach notification service LeakedSource, the  data breach occurred on 17 February 2012 and it hasn’t been reported in subsequent years.

The Rambler.ru data breach was reported by the same user who disclosed the incident occurred in 2012 at Last.fm that resulted in the leakage online of roughly 43 million accounts having the passwords were in cleartext.

“Nearly 100 million records have been leaked online in yet another “mega breach”, this time from the website Rambler.ru which for those who don’t already know, they are the “Russian version of Yahoo”. Rambler.ru was hacked for 98,167,935 users on February 17th, 2012 and this data set was provided to us by daykalif@xmpp.jp who also provided the Last.fm mega breach.
Each record contains:

• A username/email address
• Password
• ICQ # (yeah)
• And some other internal data

” reads the notification published by LeakedSource.

Leakedsource has verified the authenticity of the leaked credentials with the help of the journalist Maria Nefedova who works for xakep.ru.

“Specifically we sent three of her friends the first portion of the passwords found attached to their accounts in this breach, and they were able to accurately fill in the rest (4-6 characters each) for us with 100% accuracy. Just like every single mega breach we have exposed before, attempts to contact Rambler by other journalists on our behalf have failed at the time of this post.” continues the notification published by LeakedSource.

Below the Top Ten passwords included in the data dump, similar to the VK.com data breach, passwords were stored in plain text.

Unfortunately the Rambler.ru data breach is the last in order of time, the list of incidents is very long and includes other IT giants, such as LinkedIn, MySpace, DropBox, VK.com and Tumblr.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs –Rambler.ru data breach, hacking)