


Rambler.ru Hackers Dump 100 Million Passwords Online

In our now-routine data breach posts, today we are looking at Russia's biggest internet portal and email provider. The site was breached in 2022, and hackers have now leaked data of nearly 100 million users of Rambler.ru.

Rambler.ru stored passwords with no encryption

Rambler.ru is known as Russia's Yahoo, and this is yet another major breach from 2022 that has now resurfaced. LeakedSource has revealed that it has received a copy of the Feb 2022 dump of the user database of Rambler.ru. Rambler is a Russian news, search and e-mail portal. The data dump includes usernames, passwords, ICQ instant messaging numbers, social account details, and some internal data of over 98 million users.

The data set that LeakedSource has acquired contains details of 98,167,935 users. The site was originally hacked on 17 February 2022, but the breach went unreported. While many previous data dumps that we have seen so far this year had at least some encryption of passwords, Rambler.ru passwords are in plaintext. Since the portal stored passwords in cleartext, hackers have had complete and instant access to the email accounts of all Rambler.ru users. This is similar to the VK.com breach, which also gave hackers instant access to 171 million user passwords. Again a Russian website, the social networking site too stored passwords in plain text format.

Weak password saga continues

The Rambler.ru data dump follows other mega breaches that have resurfaced in recent months. From LinkedIn and Tumblr to MySpace and Dropbox, we are looking at massive amounts of available data.

The latest database also confirms the dangerous habit of using weak passwords. The Rambler database revealed that 723,039 accounts had "asdasd" as their password. "asdasd123" was the second most popular password, with half a million users. These are followed by numerical sequences such as 123456, 00000, 654321, 123123, and so on.

While LinkedIn, Last.fm and other similar accounts may not always carry critically personal information about users, this is an email service we are talking about here. Using weak passwords for services with a high level of private data is always dangerous. Considering the lack of response from Rambler.ru, there might have been a number of accounts that were targeted with malware or ransomware, or even caught up in identity theft cases.

LeakedSource has added the data to its database. Users can now check if they have been compromised using the site's search engine. Rambler.ru has yet to comment on the breach.

Update: Rambler & Co Group's response to the breach

We have received the following response from Rambler & Co via email. Contrary to what LeakedSource had said, Rambler comments that the breach actually happened in March 2022. The Group hasn't countered the claims of passwords being available in plaintext. However, it does say that the company now hashes the passwords. Following is the official statement (emphasis is ours).

We know about that database. It was leaked March 2022 and contained millions of accounts. Right after the accident we forced our users to change their passwords.

Nowadays situation like that is impossible. We do not store passwords in plain text, all data is encrypted (passwords ARE hashed), we have added mobile phone verification option and constantly remind our users about the necessity of changing passwords. We also have forbidden to use the previously used passwords for the same account.
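
The measures named in the statement above (hashed storage, no reuse of earlier passwords), combined with a block list of the weak passwords this article reports, shown as an added example that is not Rambler's code. The `Account` class, the function names and the scrypt parameters are assumptions made for illustration.

```python
import hashlib
import hmac
import os
from typing import List, Optional, Tuple

# Weak passwords this article reports as the most common in the dump.
WEAK_PASSWORDS = {"asdasd", "asdasd123", "123456", "00000", "654321", "123123"}

# scrypt cost parameters: assumed values for this example, tune per deployment.
SCRYPT_PARAMS = dict(n=2**14, r=8, p=1, dklen=32)


def hash_password(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Return (salt, digest); a fresh random salt is generated when none is given."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.scrypt(password.encode("utf-8"), salt=salt, **SCRYPT_PARAMS)
    return salt, digest


def matches(password: str, salt: bytes, digest: bytes) -> bool:
    """Re-hash the candidate under the stored salt and compare in constant time."""
    return hmac.compare_digest(hash_password(password, salt)[1], digest)


class Account:
    """Hypothetical account record: keeps salted hashes only, never the password."""

    def __init__(self, password: str):
        self.history: List[Tuple[bytes, bytes]] = []  # oldest first, current last
        self.set_password(password)

    def set_password(self, new_password: str) -> None:
        if new_password.lower() in WEAK_PASSWORDS:
            raise ValueError("password is on the known-weak list")
        # Old passwords are not stored, so the reuse check re-hashes the
        # candidate under each historical salt.
        if any(matches(new_password, s, d) for s, d in self.history):
            raise ValueError("password was used before on this account")
        self.history.append(hash_password(new_password))

    def verify(self, password: str) -> bool:
        salt, digest = self.history[-1]
        return matches(password, salt, digest)
```

With this layout a leaked copy of `history` exposes salts and scrypt digests rather than the passwords themselves, which is the difference between the dump described in the article and the storage the statement describes.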

Source: https://wccftech.com/rambler-ru-dump-100-million-accounts/

Posted by: acostapracess.blogspot.com
