Today, the Security Service of Ukraine (SSU) announced that it has detained the hacker, known as Sanix, who caused a stir last year for trying to sell a database with 773 million email addresses and 21 million unique passwords. Officials say that 87-gigabyte database was only a fraction of the stolen data Sanix collected. He allegedly had seven similar databases, which held personal and financial data from residents in the European Union and North America.
The stolen data included email passwords, bank card PIN codes, e-wallets of cryptocurrencies, PayPal accounts and info about computers hacked for botnets and DDoS attacks. In a raid of Sanix’s residence, law enforcement confiscated equipment with two terabytes of stolen information.
As KrebsOnSecurity points out, much of the data Sanix amassed was years old and was a compilation of compromised credentials primarily stolen in public breaches. But as recently as this month, Sanix was allegedly selling access to universities and a compromised VPN account for the government of San Bernardino, California.
If nothing else, this speaks to the massive amount of personal information floating around on the internet, ready to be scooped up by hackers like Sanix. It should also be a reminder to make sure your accounts are as secure as possible.