Level 85
Staff member
Rambler.ru, a website nicknamed Russia's Yahoo, suffered a data breach in 2012 at the hands of unknown hackers, who managed to steal nearly 100 million user records, data breach index service LeakedSource reports.

According to data found inside the Rambler.ru data dump files, the incident took place around February 17, 2012, and included the details of 98,167,935 Rambler.ru users.

LeakedSource claims it received the data from a hacker using the daykalif@xmpp.jp Jabber ID. This is the same person who provided LeakedSource with the data dump from another 2012 hack, the Last.fm music streaming service.

Password data stored in plaintext
An analysis of the data shows that, for each user entry, there is a Rambler.ru username, which also doubles as a username@rambler.ru email address, an ICQ number (IM chat service), a password string, and some internal data. A screenshot of the Rambler.ru database schema is attached to this article below.

LeakedSource says that none of the password strings were hashed, being stored in plaintext in the database. This is similar to the VK.com data breach, where passwords were also stored in plaintext, without hashing or salting.

As you'd expect, the most common passwords were extremely easy to brute-force, including terms such as "asdasd," "123456," "000000," "654321," "123321," or "123123."

Read more: Hackers Steal Nearly 100 Million User Records from Rambler.ru