Germany: 16 million email accounts may be compromised

  • 21 January 2014
  • 1 reply
  • 3448 views

Userlevel 7
Badge +54
In Germany, around 16 million email addresses, user names, and passwords may have been stolen, according to an announcement on Tuesday from the country’s Federal Office for Information Security.

The theft was discovered through an analysis of botnets — collections of malicious software that an attacker can use to carry out tasks like collecting user information or sending spam. Because an investigation is ongoing, the office has not released any additional information about who was responsible, or how long the attack had been going on.

The Federal Office of Information Security has set up a website where people can check if their email accounts have been compromised. Concerned internet users can submit their email address, after which they will receive a four-digit PIN number. If the email address has been compromised, the user will receive an email with a matching PIN number. Although the office has the list of all 16 million email addresses, German law says that it cannot contact these users directly without explicit permission. The site has reportedly crashed at least once since coming online, presumably due to overwhelming demand.

The office has advised those with compromised email addresses to change their passwords to "social networking sites, online shops, email accounts and other online services;” and check their computers for malware and viruses.
 
Source Article

1 reply

Userlevel 7
Badge +54
Officials in Germany have warned that large networks of hijacked, hacker-controlled PCs – aka botnets – have harvested 16 million email address and password combinations for websites and other online services.

The (German Office of Information Security) BSI said cops and security researchers have been closely following armies of computers that have been infected by malware to spy on users and send spam. The investigators found the machines had gathered a vast collection of email addresses and passwords for mail accounts, social networking websites and all sorts of services: the sensitive credentials were lifted wholesale from infected systems and phishing emails sent from the botnets' drones.

The BSI and Deutsche Telekom have this week set up a German-language site where users can check their email addresses against the miscreants' database.
 
Full Article

Reply