Your email credentials may have been compromised.
A Russian cyber gang has allegedly amassed 1.2 billion email username and password combinations and more than 500 million e-mail addresses by infiltrating over 420,000 web and FTP sites, says security firm Hold Security.
Hold Security would not tell The New York Times, which broke the story, which companies were involved in the breach due to nondisclosure agreements. Its website was also currently down as of press time.
The Times reports, however, at its request, "a security expert not affiliated with Hold Security analyzed the database of stolen credentials and confirmed it was authentic."
Per the Times article, no payment data appears to have been compromised. The cyber gang has not yet sold the credentials online. Instead, "it appears to be using the stolen information to send spam on social networks like Twitter at the behest of other groups, collecting fees for their work," the Times reports.
While the number cited by the security firm -- and subsequent headlines -- are certainly unnerving, concerned customers shouldn't panic. You can protect yourself from identity theft and other potential problems by following a few simple steps.
First, refrain from clicking on strange links from email addresses or companies you are unfamiliar with. Second, change passwords across all of your important email and/or financial accounts, particularly if you are using the same one to access multiple sites.
If you have any reason to believe your financial information was compromised, set up fraud alerts and monitor online credit card and debit card statements for any suspicious activity. You can also monitor your credit report since mysterious line items are a good sign that identity theft is occurring.
Follow me on Twitter: @JeanineSko.