Russia: The biggest search engine “Rambler” has faced a major security hit, with 98,167,935 usernames and passwords exploited publically.
The exploit is an installment of ongoing revelations of past breaches on a well-acclaimed hack notification site “LeakedSource”. The site has received a dataset, consisting of about 100 million usernames, passwords and email addresses of Rambler users. That said, the breach initially took place in 2012, but has been exposed recently.
In addition to this, LeakedSource has confirmed that the majority of passwords were too weak and stored without any encryption. The most frequently utilized passwords include “asdasd”, “asdasd123”, “123456”, “000000” and “666666”.
“Rambler” which is also known as alternate to Yahoo, serves about millions of Russians through email, news, and e-commerce. However, Rambler Media Group hasn’t responded to the incident, and the reason behind the hack remains unknown.
“Our best guess was some sort of Apache or Linux related 0-day. It could also be password re-use: hack LinkedIn and now you have access to corporate networks via password re-use but there’s no way to be sure until we find the sources and ask them. They are really only surfacing now because we’ve found the people who have them.”
An Official Statement by LeakedSource
How to Know If You’ve Been Among The Victims
The exploit has occurred and confidential information of millions of users is exposed online. However, to make sure that you’re on a safe side, you can check that if the breach data includes your information as well. Here’s how to check if the hack has victimized you:
- Access internet browser from your device
- Visit the official site of LeakedSource
- You will be presented with the following screen, enter your username or email that you had used for singing up at LeakedSource
- Next, hit “Search”
- Finally, the site will inform if the Rambler hack has compromised your information.
In case, you find yourself among the compromised users; then we suggest you change your passwords immediately. Moreover, replace the credentials for all of your accounts which share same username and password.