14 DAY TRIAL // Hackers have stolen over 33 million user records from QIP.ru, an instant messaging service used predominantly in Russia.
Softpedia has received a sample of the data from HEROIC, a cybersecurity startup that protects users from hackers and cyber threats.
The company claims to have gotten the data from a hacker using the Jabber ID [email protected]. This hacker is also the source of the recent Last.fm and Rambler.ru breaches.
Plaintext passwords for 33,380,559 users
Both Softpedia and HEROIC's staff have verified the data by trying to register a new account using one of the usernames and emails provided in the sample set, and by successfully requesting password resets.
The data dump contains details for 33,380,559 accounts, such as QIP usernames, passwords, email addresses, registration dates, telephone numbers (for some accounts), and other details related to QIP's service.
All QIP passwords were stored in plaintext, no hashing or salting. This is the third Russian service exposed in the last few months storing passwords in plaintext after VK and Rambler.
Security breach appears to have taken place in 2011
A HEROIC spokesperson told Softpedia that the QIP dataset contains records for users registered between 2009 and 2011.
In order to use QIP, users have to download one of the company's IM clients, either for Windows PCs or Android or iOS smartphones. The IM client supports text, audio, and video communications.
Softpedia has reached out to QIP, but we have not received an answer in time for this article's publication.
Due to the data breach's old age, it's most likely that most users have already changed their password in the meantime. QIP users who have reused their QIP password for other services are encouraged to change all passphrases before having one of their accounts compromised.
QIP users who want to see if their data was included in the QIP security breach can search HEROIC's database. The company claims it contains 2.1 billion user records from over 1,400 security breaches.
