Ukraine authorities bust hacker trying to sell 21M stolen passwords

Ukraine authorities bust hacker attempting to sell 773M passwords and usernames in a ‘megabreach’ that compiled years worth of stolen data

  • Ukraine’s security service arrested a hacker called Sanix 
  • Sanix was arrested in connection with a database of 773M stolen passwords an usernames
  • A police raid also turned up two terabytes of other stolen data 
  • The hacker was also shopping around credentials to dozens of universities 

Ukraine authorities say they’ve arrested a suspect behind a cache of 773 million stolen passwords and usernames. 

According to KrebsOnSecurity, the Security Service of Ukraine (SBU) said it detained a hacker known as Sanix in association with the stolen data set which first came to light last year.

In addition to the 87 GBs of stolen data, which included 21 million unique passwords, Ukranian authorities say they also uncovered similar databases that contained financial information on European and North American citizens. 

A hacker known as Sanix was arrested in connection with a stolen data set containing 773 million passwords and usernames (stock)

In all, a raid on the suspect’s house turned up two terabytes of stolen data according to the SBU. 

As noted by KrebsOnSecuity, while the cache of passwords was at the time labeled ‘the largest collection of stolen data in history’ much of the data had actually been previously leaked in old data breaches and was simply compiled by Sanix.

According to Ukrainian authorities evidence found on the suspect’s computer included:

‘logins and passwords to e-mail boxes, PIN codes for bank cards, e-wallets of cryptocurrencies, PayPal accounts, and information about computers hacked for further use in botnets and for organizing distributed denial-of-service (DDoS) attacks.’ 

As noted by KrebsOnSecurity, outside of that particular trove of passwords and usernames, Ukranian officials may have had other reasons to arrest Sanix.


Cyber security firm Intel 471 reports that Sanix had been selling credentials that would allow customers to access large organizations including four dozen universities from across the world.

Among the credentials was also access to a VPN used by the government in San Bernadino California. 

As noted by KrebsOnSecurity, the extent of Sanix’s databases of personal information underscore the need to maintain adequate password standards and adopt extra security measures like two-factor authentication. 

Source: Read Full Article