February 25, 2014
Heather Bearfield, National Technology Assurance Services Practice Group Leader, Quoted in Reuters Article, "360 Million Newly Stolen Credentials on Black Market: Cybersecurity Firm."
By Jim Finkle
A cybersecurity firm said on Tuesday that it uncovered stolen credentials from some 360 million accounts that are available for sale on cyber black markets, though it is unsure where they came from or what they can be used to access.
The discovery could represent more of a risk to consumers and companies than stolen credit card data because of the chance the sets of user names and passwords could open the door to online bank accounts, corporate networks, health records and virtually any other type of computer system.
Heather Bearfield, who runs the cybersecurity practice for accounting firm Marcum LLP, said she had no information about the information that Hold Security uncovered but that it was plausible for hackers to obtain such a large amount of data because these breaches are on the rise.
She said hackers can do far more harm with stolen credentials than with stolen payment cards, particularly when people use the same login and password for multiple accounts.
"They can get access to your actual bank account. That is huge," Bearfield said. "That is not necessarily recoverable funds."