Data Breach

Rambler.ru data breach, 98.1 million CLEARTEXT passwords leaked online

The data breach notification service announced the Rambler.ru data breach, more than 98 million CLEARTEXT passwords were leaked online.

While I was writing about the BuzzersForum data breach, the news of another clamorous incident is circulating online, this time, the victim is of the  Russian biggest web portals, Rambler.ru.

Rambler.ru is one of the largest websites in the world, it provides search, news, email, and advertising, it is a sort of Russian version of Yahoo. Company’s Russian competitors are Yandex, and Mail.ru.

It seems that the Russian internet website Rambler.ru has been hacked and 98 million accounts leaked online, but the most disconcerting news is that the giant stored passwords in plaintext.

According to breach notification service LeakedSource, the  data breach occurred on 17 February 2012 and it hasn’t been reported in subsequent years.

The Rambler.ru data breach was reported by the same user who disclosed the incident occurred in 2012 at Last.fm that resulted in the leakage online of roughly 43 million accounts having the passwords were in cleartext.

“Nearly 100 million records have been leaked online in yet another “mega breach”, this time from the website Rambler.ru which for those who don’t already know, they are the “Russian version of Yahoo”. Rambler.ru was hacked for 98,167,935 users on February 17th, 2012 and this data set was provided to us by daykalif@xmpp.jp who also provided the Last.fm mega breach.
Each record contains:

  • A username/email address
  • Password
  • ICQ # (yeah)
  • And some other internal data

reads the notification published by LeakedSource.

Leakedsource has verified the authenticity of the leaked credentials with the help of the journalist Maria Nefedova who works for xakep.ru.

Specifically we sent three of her friends the first portion of the passwords found attached to their accounts in this breach, and they were able to accurately fill in the rest (4-6 characters each) for us with 100% accuracy. Just like every single mega breach we have exposed before, attempts to contact Rambler by other journalists on our behalf have failed at the time of this post.” continues the notification published by LeakedSource.

Below the Top Ten passwords included in the data dump, similar to the VK.com data breach, passwords were stored in plain text.

Unfortunately the Rambler.ru data breach is the last in order of time, the list of incidents is very long and includes other IT giants, such as LinkedInMySpace, DropBox, VK.com and Tumblr.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs –Rambler.ru data breach, hacking)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

Google addressed 2 Chrome zero-days demonstrated at Pwn2Own 2024

Google addressed two zero-day vulnerabilities in the Chrome web browser that have been demonstrated during…

9 hours ago

INC Ransom stole 3TB of data from the National Health Service (NHS) of Scotland

The INC Ransom extortion group hacked the National Health Service (NHS) of Scotland and is threatening…

14 hours ago

CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft SharePoint vulnerability disclosed at the…

19 hours ago

The DDR Advantage: Real-Time Data Defense

This is the advantage of Data Detection and Response (DDR) for organizations aiming to build…

22 hours ago

Finnish police linked APT31 to the 2021 parliament attack

The Finnish Police attributed the attack against the parliament that occurred in March 2021 to…

1 day ago

TheMoon bot infected 40,000 devices in January and February

A new variant of TheMoon malware infected thousands of outdated small office and home office…

2 days ago

This website uses cookies.