Russian Hackers Gained Access to Hundreds of Millions of Email Account; Here’s How to Defend Your Privacy Online

In an alarming revelation, reports have emerged that Russian hackers have gained access to a staggering 250 million usernames and passwords belonging to users of major email services. These include widely used platforms such as Yahoo Mail, Hotmail, and Gmail, according to a [report from Reuters](http://www.reuters.com/article/us-cyber-passwords-idUSKCN0XV1I6). The aftermath of this security breach sees these stolen credentials now circulating in the underground network known as the dark web. Users are urged to strengthen their passwords as a immediate measure.

This discovery was sparked off by Hold Security researchers, who found a young Russian hacker boasting in an online forum about his large collection of stolen credentials. Upon relevant deductions, it was discerned that this hacker was ready to give away a staggering total of 1.17 billion records.

Alex Holden, founder of Hold Security, further revealed that the cache contained almost 57 million Mail.ru accounts – nearly the total monthly active email users, which Mail.ru reported to be approximately 64 million by the end of 2020. In addition, there were also tens of millions of credentials for three globally dominant email providers, namely Gmail, Microsoft and Yahoo. This unfortunate discovery indicates that Mail.ru users have been hit the hardest.

Perhaps the most alarming revelation from this report is that these hacked accounts are being sold in the Russian black market for a nominal fee – less than a dollar or fifty rubles. With passwords being compromised so easily, several top companies have begun undertaking measures in the direction of password elimination, substituting them with biometrics and other advanced forms of security.

MasterCard, for instance, [announced its plan](https://www.techbooky.com/post-title/mastercard-to-replace-the-password-with-selfies-and-fingerprints/) to replace traditional passwords with biometrics such as facial recognition and fingerprints. Major mail services like Gmail and Yahoo are considering similar security enhancements for their users, as no provider is immune to cyber threats.

While these advancements are under development, there are steps you can take to protect your online presence. It’s valuable to note that the breached Mail credentials were primarily Yahoo Mail, composing 15% of the 272 million unique IDs discovered. Microsoft Hotmail followed up with 12%, and Gmail counted for 9%.

Here are some preemptive steps you can take:

1. Be judicious when using public Wi-Fi.
2. Utilize two-factor authentication for added security.
3. Vigilantly update your password – remember to include uppercase letters and special characters for added security.
4. Stick to using trusted email providers.
5. Share your device (mobile or PC) cautiously with others.
6. Keep your password always confidential.

Read more on this [here.](http://www.wikihow.com/Protect-Your-Email-Account-from-Hackers)

It’s important to note that the majority of the breaches were not due to compromised email provider servers. As Google highlights in this [blog post](https://security.googleblog.com/2014/09/cleaning-up-after-password-dumps.html), users have a significant role in protecting themselves online. By adhering to optimal digital hygiene practices, we can collectively reduce the vulnerability to such massive security breaches.

This article was updated in 2025 to reflect modern realities.