Passwords hacked in a massive attack include nearly 2,000,000 usernames and passwords for accounts at Yahoo, Twitter, Google, and Facebook among other websites. A CNN report from Dec. 4, 2013 said that the passwords were hacked as a result of a virus that was installed on countless computers all over the world and controlled by a server in the Netherlands.
This key logging software virus recorded usernames and passwords for affected websites over the course of a month. The stolen information was then moved to a server that was under the hackers' control. The malicious software is referred to as Pony Botnet Controller, according to Trustwave.
Late last month,Trustwave researchers tracked the server, which was located in the Netherlands. Trustwave found that in excess of 93,000 websites were impacted. In addition to the aforementioned Yahoo, Twitter, Google and Facebook usernames and passwords hacked, the password hackers stole information from Odnoklassniki, which is a popular social network in Russia. Trustwave conjectured that many of the 2 million users whose usernames and passwords were compromised may be Russian-speaking users.
ADP and LinkedIn accounts and passwords were also hacked.
Trustwave security research manager John Miller said, "We don't have evidence they logged into these accounts, but they probably did."
Trustwave contacted the impacted websites and also posted their findings about the passwords hacked online. The following figures come from their site.
~1,580,000 website login credentials stolen
~320,000 email account credentials stolen
~41,000 FTP account credentials stolen
~3,000 Remote Desktop credentials stolen
~3,000 Secure Shell account credentials stolen