At this point, it may be best to do a quick audit on your email password(s). Not that this particular hack retrieved your actual email password. However, in general, it’s a good thing to change your email password (or passwords for other services) every once in a while.
Knowing that today’s breach of millions of email addresses and passwords is a bit of a cause for concern, it’s best to keep in mind that although it is seemingly widespread, it’s also a reminder to keep on top of your security protocols, passwords, etc.
In the case of this hack, the passwords and email addresses, which include some from Gmail, Yahoo, and Russia’s mail.ru service, aren’t necessarily the keys to millions of email accounts. They were taken from various smaller, less secure websites where people use their email addresses along with a password to log in.
People who use a different password for both their email account and, say, Target.com, won’t be affected. But those who tend to use the same password for multiple sites as well as their email should change their email password.
The hacker appears to have been largely targeting Russian users. Some 57 million of the email addresses were from the country’s largest email provider mail.ru, which claims to have 100 million monthly users. Around 40 million of the addresses were from Yahoo Mail, 33 million were from Hotmail, and 24 million were from Google’s Gmail service.
In this case, the hacker had been bragging on Internet chat forums that he had a treasure trove of login credentials that he was trying to sell.
