Pramatr Blog

Recently 10,000+ Yahoo!, Hotmail, Gmail, AOL, Earthlink and Comcast etc. accounts were compromised through phishing scams and uploaded to places such as pastebin. Mass pandemonium ensued, various sites and even radio and television announced the breaking news. In one respects the scale of the hack was quite significant, the numbers quite hard to comprehend but should we be recording this hack into the records books just yet ?

A Record Breaker ?
According to Rik Ferguson, a security researcher at Trend Micro, the number of accounts is not all that special  its, “simply the ugly backside of online crime sticking out of the water for a second as they dive back into murkier depths“. On a regular day around the hacking ether you can found compromised accounts being sold and shared, the numbers often go beyond the reported 20-30000 hacked. For spammer’s a collection of compromised accounts helps increase the chances of success, each account has an address book brimming with lists of trusted contacts waiting to fall victim.

So we don’t need to record this number just yet, however if we remember only accounts starting with the letters A and B have only been made public so far, maybe a taste for more to come ?

Cost of Accounts
To further add salt to the wound the actual financial reward of these 10,000 accounts is quite nominal. A quick look reveals 1,000 hacked accounts are charged at $15, taking the dealers bulk order discount, for 10,000 hacked accounts it costs you $120 with a 100% replacement guarantee if any accounts is invalid – with a great deal like that these hackers should be out selling cars!

It seems a measly 10,000 accounts isnt even worth getting out of bed for.