Pony, a botnet made up of virus-infected computers from around the world, stole the passwords directly from users’ computers. According to Trustwave, “Pony’s main business still remains theft: stolen credentials for websites, email accounts, FTP accounts, anything it can get its hands on - grabbed and reported back home.”
The security researchers say that 1.58 million website credentials were stolen, as were 320,000 email credentials and 41,000 FTP account credentials. The botnet had collected passwords for Facebook accounts, Google accounts, Twitter accounts, Yahoo accounts and more.
In terms of the biggest data leaks of all time, this theft of 2 million passwords actually ranks pretty low. Still, if you haven’t changed your important online passwords lately, you should take a moment to create a few strong, new passwords. (Avoid these 10 terrible password ideas while you’re at it.)
[Privacy concept via Shutterstock]