Hackers Steal Nearly 100 Million User Records from Rambler.ru

Share this…

Rambler.ru, Russia’s Yahoo, suffered a data breach in 2012. Rambler.ru, a website nicknamed Russia’s Yahoo, suffered a data breach in 2012 at the hands of unknown hackers, who managed to steal nearly 100 million user records, data breach index service LeakedSource reports.

According to data found inside the Rambler.ru data dump files, the incident took place around February 17, 2012, and included the details of 98,167,935 Rambler.ru users.

LeakedSource claims it received the data from a hacker using the daykalif@xmpp.jp Jabber ID. This is the same person who provided LeakedSource with the data dump from another 2012 hack, the Last.fm music streaming service.

Password data stored in plaintext

An analysis of the data shows that, for each user entry, there is a Rambler.ru username, which also doubles as a username@rambler.ru email address, an ICQ number (IM chat service), a password string, and some internal data. A screenshot of the Rambler.ru database schema is attached to this article below.

LeakedSource says that none of the password strings were hashed, being stored in plaintext in the database. This is similar to the VK.com data breach, where passwords were also stored in plaintext, without hashing or salting.

As you’d expect, the most common passwords were extremely easy to brute-force, including terms such as “asdasd,” “123456,” “000000,” “654321,” “123321,” or “123123.”

Leaked Rambler.ru data is valid

LeakedSource asked several journalists, including Softpedia, to assist in verifying the data. The data verification process took several days due to language barriers, so LeakedSource asked for help from local Russian media.

Journalist Maria Nefedova from Xakep.ru was able to verify the data’s authenticity. Softpedia’s requests for comment from Rambler’s management have remained unanswered at the time of writing.

LeakedSource touted more mega breaches in the upcoming weeks. Prior to Rambler.ru, the company received datasets from many other services. These are some of the hacks that came to light in the past month alone, thanks to LeakedSource: BTC-E, BitcoinTalk, Last.fm, Dropbox, Mail.ru, Leet.cc, and Social Blade.

Rambler.ru database schema

Rambler.ru database schema