More than two million unique login credentials for Australian internet users were stolen as part of the massive haul of 1.2 billion passwords by a Russian hacker outfit. Earlier this month Hold Security reported that Russian hackers under the group dubbed CyberVors amassed the largest ever cache of stolen website passwords …

Anonymous Coward

Why not name and shame?

My concern is that it won't do anything to just silently contact the companies, in hopes of them fixing the problems (which shouldn't have happened in the first place: seriously, SQL injection in 2014?!).

Maybe it's high time to go beyond and legislate it: you *must* disclose the breach(es) and you are also liable if negligence can be shown (as above: SQL injection in this day and age *is* negligent).

IIRC, California does that, or tried to. (quick google shows me that they did, though I didn't easily find anything showing the effectiveness)


Re: Why not name and shame?

"My concern is that it won't do anything to just silently contact the companies"

The most likely outcome is they won't even do that.


Re: Why not name and shame?

Corpratz have been fighting breach disclosure legislation tooth and nail for many many years now.


Phew, that was close!!

They could have got all of our metadata as well !!!!



Unless details of the exploit are made public, things won't improve.

The source could be compromised servers, virused PCs, hijacked DNS, or simply people typing in a password in a wrong window.

Sure, all of these could be sorted out by people logging in with different passwords for different sites, and regularly changing passwords. BWAAHAHAHA!!!


