With so much happening in cyber security around the world lately, we're highlighting some of the interesting stories each week from across Europe, Middle East, Africa and Asia Pacific. This week we're in Germany where officials have found the second mass user account hacking this year…
Last week German officials confirmed that 18 million email address and passwords were hacked in a mass data breach. The details of the breach are still being investigated by the country's Federal Office for Information Security, but here is what we know:
- The breach was discovered while investigating a botnet used to send spam emails (see diagram on right).
- The stolen information is also being used to make online purchases where users are using the same email/password combination.
- The discovery originated from the north western German city of Verden, but the compromised accounts are from all over the world.
- It's likely that a mass malware attack was used to steal the credentials, meaning millions of computers are probably still infected.
This is not the first time German authorities have found a mass data breach – just 3 months ago the BSI announced that 16 million German user accounts were compromised. These attacks show the importance of not reusing passwords across multiple sites, and using encrypted password vaults like LastPass, 1Password, KeePassX, etc. to create complex, unique credentials for all your online accounts.