Why You Shouldn't Panic Over That Russian Hack
Skeptics think threat is overblown, for a variety of reasons
By John Johnson, Newser Staff
Posted Aug 6, 2014 1:22 PM CDT
Updated Aug 6, 2014 1:50 PM CDT
   (Shutterstock)

(Newser) – The New York Times struck fear into Internet users everywhere yesterday with its report that Russian hackers had gotten hold of a staggering 1.2 billion username and password combinations. But is the threat exaggerated? At Forbes, Kashmir Hill finds it a little fishy that Hold Security, the Wisconsin security firm that uncovered the breach, began offering a service for $120 a year that allows people to see whether they've been affected. It went public about the same time the Times story got posted. "I am skeptical of a firm with a financial incentive in creating a panic to be the main source for a story that causes a panic," she writes. "If nothing else, it should be disclosed in the New York Times story that the firm that reported a major breach hoped to directly profit from it."

At the Verge, meanwhile, Russell Brandom sees a few holes in the account of the alleged hack itself. For one thing, it's not clear whether the so-called CyberVor hackers stole the data themselves or bought it from others. If it's the latter, "many of the passwords could have been old data from someone else's hack," and thus less of a threat. "The biggest red flag of all, though, is that CyberVor isn't trying to sell the data or use it to steal actual money." Instead, they're apparently using it to create low-grade Twitter spam, suggesting that this "data is more about quantity than quality." Bottom line? It's still sound advice to change your passwords regularly, "but full-blown panic is probably overkill on this one," writes Kevin Roose at the Daily Intelligencer.

More From Newser
My Take on This Story
To report an error on this story,
notify our editors.
Why You Shouldn't Panic Over That Russian Hack is...
7%
15%
6%
60%
3%
8%
Show results without voting
You Might Like
Comments
Showing 3 of 14 comments
heretoday
Aug 7, 2014 8:42 AM CDT
1.1 Billion of them are obsolete AOL usercodes and passwords.
JERZJOE
Aug 6, 2014 9:46 PM CDT
I give u the.. NY TIMES- all the News that's not Accurate but will print it anyway! There ya go!
Xavier_Thyme
Aug 6, 2014 9:36 PM CDT
Naaah! An American corporation wouldn't do that, would it? I mean create a panic situation from which it could profit?