Another Mega-Breach: 33M Russian Instant Messenger Accounts Stolen

It’s becoming ordinary to hear that millions of some website’s accounts have been stolen.

The latest victim is QIP, a Russian instant messenger service, which had more than 33 million accounts stolen between 2009 and 2011, according to cybersecurity firm Heroic.

The post states the breach included email addresses, usernames and passwords, the latter of which were stored in plain text without any encryption or hashing. And it turns out the No. 1 password—used 607,156 times—was 123456.

Earlier this week, data breach monitoring service LeakedSource verified almost 100 million stolen accounts from the Russian website and email service Rambler.