Rambler didn’t publish the notification itself: it comes from serial breach-pimping website LeakedSource, which has recently outed several old breaches, including dumping cracked passwords.
Advertisement
Data breach monitoring service LeakedSource has obtained nearly 100 million user logins for Rambler.ru users, that were apparently obtained in hack of the site in February 2012.
The website is one most visited in Russian Federation, with services spanning across search, email, news and more, which sees it described as the Russia’s equivalent of Yahoo.
LeakedSource indicated in a recent blog post covering the leak that it had verified the contents of the leak, which were provided by a source known as “DayKalif” – the same source that provided their website with sensitive data stolen from Last.fm.
The Rambler database shows that its users had the same proclivity toward using weak passwords as users of other sites breached during the same period-the most common password, used by 723,039 users, was “asdasd”, followed by 437,638 accounts that used “asdasd123”.
The data set that LeakedSource has acquired contains details of 98,167,935 users.
The breach, which reportedly occurred back in February of 2012, has left over 98 million user records exposed. Therefore, cyber criminals may now be able to access multiple accounts owned by a Rambler user, simply through a trial and error method, using the account details they have obtained.
This latest “mega data breach” should serve as a reminder to use different passwords for each of your accounts, and to change them regularly, to ensure your accounts are secure.
The site competes with Russian social media giant VK.com a site that saw 171 accounts leaked in June.
Worryingly, numerous top 50 passwords used on Rambler were easy-to-remember credentials such as “123456” or “qwertyuiop”.
Advertisement
The entire cache from the leak is now included in its searchable database, LeakedSource added.
