Hundreds of millions of stolen email usernames and passwords and are illegally sold on the Russian sites and forums, an expert in the field of information security told Reuters.
The discovered 272.3 million stolen accounts include data of most Mail.Ru users, the most popular email service in Russia, as well as, in smaller quantity, Google user accounts, Yahoo (NASDAQ: YHOO) and Microsoft (NASDAQ: MSFT), said Alex Holden, the founder and leading specialist in the field of information security of the American company Hold Security.
This is one of the largest cases of identity theft discovered after the cyber attacks on major US banks and retailers two years ago.
Earlier, Holden helped to uncover some of the largest leaks in the world suffered by tens of millions of users of Adobe Systems, JPMorgan and Target.
Hold Security researchers have found on an Internet forum a young Russian hacker, who boasted that he had collected and is ready to give details of 1.17 billion accounts.
The experts found that the information includes 57 million accounts of Mail.ru - a significant proportion of the 64 million monthly active users of the service at the end of the last year - as well as tens of millions of accounts of the world's largest e-mail services, Gmail, Microsoft and Yahoo, and hundreds of thousands of accounts of the German and Chinese email services.
"This is powerful information; it circulates in the underground, and this man has shown that he wants to give information to people who are kind to him." - Holden said; 50 rubles a piece.
The mystery was that the hacker asked for only 50 rubles for all the data. However, he gave them only after the researchers agreed to publish positive comments about him on hacker forums, Holden said. According to him, in accordance with company policy, it does not pay for stolen data.
Such large-scale leakage can be used for further hacking or phishing attacks.
A Microsoft spokesman said the data theft is a harsh reality.
"Microsoft uses security measures and asks for additional information to verify the account holder, as well as to help him to regain control of the account," - he said.
Yahoo and Google did not respond to requests for comment.
According to Holden, the number of compromised Yahoo Mail accounts was 40 million, or 15 % of the 272 million unique accounts; Microsoft Hotmail - 33 million accounts, or 12 %, and Gmail - almost 24 million, or 9 %.