It turned out that 272 million e-mail addresses and passwords leaked from Gmail, Hotmail, Yahoo!, etc.

ByAutomobile Italia

From webmail services like Gmail, Hotmail, Yahoo!, and Mail.ru, widely used in Russia,A total of 227 millionIt turned out that a tremendous number of e-mail addresses and passwords were set out as a set. For details, it is said that each service is under investigation, but it is better to change the password for worried person just in case.

Hold Security Recovers 272 Million Stolen Credentials From A Collector - Hold Security
http://holdsecurity.com/news/the_collector_breach/

Exclusive: Big data breaches found at major email services - expert | Reuters
http://www.reuters.com/article/us-cyber-passwords-idUSKCN0XV1I6

Webmail firms probe login 'leak' - BBC News
http://www.bbc.com/news/technology-36204531

The biggest class of spill incident in history was revealed by security company "Hold Security". According to Alex Holden, the company's founder, Mail.ru was 57 million, Yahoo! 40 million, Hotmail 33 million and Gmail 24 million. Besides that it contains addresses of German and Chinese mail service.

The incident came about as the Hold Security staff found content that boasts of their own hacking in a forum with young Russian hackers. The Russian hacker owned 1.17 million address information obtained by hacking in total, and it seems to have announced that it is preparing to distribute data for real free to those who want it. Amazingly, under the terms of the distribution, the content that the Russian hacker showed was "to write content that praises himself in the forum". And it seems that it was supposed to give all data to only 50 rubles (about 80 yen) to the person who satisfies this condition.

ByBrian Klug Follow

According to Hold Security which analyzed the data, the total number of data excluding duplications is "227 million cases" at the beginning, including those with the same address set with different passwords It is said that. Mail.ru who received the report investigated and announced that actual damage situation is not so serious as expected. When actually examining the matching of the user name and the password, it is said that most of what is being used at present is not found.

This indicates that the old data that changed the password in the past is included as it is, but Mr. Holden notes that this should not be relieved. The reason is that users tend to keep using the same password. Generally, when setting a password, there is a tendency to use something that can be remembered immediately, and in order not to carelessly forget it, since it tends to use passwords with multiple services, restore old passwords It is not unusual to use it again, so we are doing.

Because Google, Yahoo!, Microsoft are currently under investigation, he is refraining from commenting on the coverage of the press.

Although the terrible incidents that a lot of account information was released in the state of "substantially free distribution" have been discovered, the self-defense measure that the user can take is exhausted to strengthen the management of the password anyhow I will. Such as "1234" or "abcdefg"A password that anyone can come up withAvoid thoroughly, regularly update your password with a complicated password made with password generation software etc,Password management softwareIt seems to be important to keep in mind the measures to manage with.

◆ 2016/05/09 additions
Although it is news of the leakage of mail information which was widely reported worldwide, there is also a viewpoint that doubts the content on the other hand. Ars Technica did not report this news at all because the reason was that there was a doubt about the credibility of the outgoing email. Immediately after the fear of spill was revealed by Hold Security, a mail service provider such as Mail.ru and Google whose name was being discussed carried out a survey, but most of the addresses and passwords which are said to have been leaked do not exist That is why it was reported that it was wrong contents. Ars Technica is also doubtful about the open policy of Hold Security.

Garbage in, garbage out: Why Ars ignored this week's massive password breach | Ars Technica
http://arstechnica.com/security/2016/05/the-massive-password-breach-that-wasnt-google-says-data-is-98-bogus/