The usernames and passwords of 98.1 million users of Russia’s largest Web portal, Rambler.ru, have been stolen and posted online.Although the hack actually occurred back in February of 2012, the login names and passwords just recently were posted online, according to a blog post from breach notification site LeakedSource. The data, which included e-mail addresses, passwords, ICQ and other internal data, had been stored without any encryption or hashing — meaning they were listed in plain text.
“We verified this database with the help of journalist Maria Nefedova who works for xakep.ru. Specifically we sent three of her friends the first portion of the passwords found attached to their accounts in this breach, and they were able to accurately fill in the rest (4-6 characters each) for us with 100 percent accuracy,” the blog post reads.
“Nearly all of the emails in the leak end in @rambler.ru and although they apparently own a few other domains, the other domains are rarely used.”
LeakedSource listed the 50 most popular breached passwords. asdasd and asdasd123 took the top two spots followed by 123456, 000000 and 666666.
Rambler, thus far, has declined to talk to the media about the breach.