The recent leak of 272 million email accounts may not be as dangerous as first reported. While the number is staggering, it turns out that the information could be either false or outdated; meaning that it is practically useless to anyone.
Mail.ru, who were set to be the hardest hit by the leak, examined a sample of the database and concluded that the email and password combinations failed to match anything it has on record. A situation that seems to cast doubt on the legitimacy of the data breach claim.
Hold Security, who had first informed of the breach, told Motherboard that the database is not exactly a breach. Instead, it is a collection of older breaches; something that hackers occasionally do to make a quick buck. Hold itself admits that while the database has an impressive number of emails, only a fraction of those are unique and have not been seen in other breaches.
Security expert Troy Hunt dismissed the danger of the breach; calling it a “non-event that is getting more headlines than the data warrants.”
The fact that Hold Security is not considering setting up a website for people to check if their email accounts have been compromised is another hint that the breach is unlikely to do any damage.
At the moment, it looks like there is no danger from this later leak. It also goes to show that there is a lot of old and outdated information floating around the black market for user accounts; with more than a few criminals willing to scam other unsavory types with useless information. Although, this really shouldn’t be surprising.