911
September 6, 2016 by

‘Russian Yahoo’ Rambler.ru Breached, 100 Million Records Leaked

A mind-boggling 100 million records have been leaked online in what is sure to count as a mega-breach. The website, this time, is Rambler.ru, commonly touted as the “Russian version of Yahoo”.

Data breach notification website LeakedSource has revealed details of yet another mega-breach that has remarkably gone unreported since occurred over three years ago.

Rambler.ru, a Russian email provider that is also popularly known for it Yahoo-like homepage and features was hacked on February 17, 2012. A total of 98,167,935 accounts were accessed and stolen. Each record included the user’s username and email address, password, ICQ id and other internal data.

Most notably, the passwords were stored in unencrypted plaintext, which essentially revealed users’ passwords outright to Rambler employees.

LeakedSource added that it was able to verify the database with the help of Rambler users who were able to fill in portions of their passwords attached to their accounts that were included in the breach, with complete accuracy.

Nearly all 98 million accounts in the leak end with the suffix @rambler.ru. While the service owns other domains, they are rarely used.

Rambler.ru joins the likes of Last.fm and LinkedIn who also saw their networks and databases breached in 2012. MySpace and Tumblr, for instance, were breached in 2013.

Among the largest websites in the world, Rambler.ru is also the most visited websites in the entirety of Russia. The company offers news coverage, its vital search engine, email, advertising and more. It competes with other Russian behemoths such as Yandex and Mail.ru, the latter which suffered its own breach recently, for a second time this year alone.  In fact, the last time any breach of this size revealed a company to be using plaintext passwords was during the breach of Russian social networking website VK.com.

LeakedSource has since added the cache of the leak to its searchable database after verifying its contents.

Image credit: Pixabay.

About the author

Image of Author

LIFARS is a digital forensics and cybersecurity intelligence firm based in New York City. LIFARS is ranked as one of the top Digital Forensics and Cyber Investigations companies in 2016 and as one of the top cybersecurity companies in the New York metropolitan area for 2015 on the Cybersecurity 500 – a directory of the hottest and most innovative companies to watch in the cybersecurity industry.

Related articles

Breach Database Website LeakedSource Busted by Feds

LeakedSource, a breach notification website that also sold database access to over 3 billion hacked...

Read more arrow_forward

45 Million Login Credentials Stolen from Over 1000 Websites

  Troves of records from data breaches just do not know when to quit. Some 45 million logins from...

Read more arrow_forward

117 Million LinkedIn User Credentials up for Sale

A hacker who goes by the moniker “Peace” is trying to sell LinkedIn account information...

Read more arrow_forward