Russian hackers have stolen 1.2 billion user name and password combinations in what could be the biggest ever data theft, according to a US security firm.
The information is said to relate to half a billion email addresses.
Hold Security, based in Milwaukee, says a 'Cybervor' gang stole the information from 420,000 web and FTP sites.
It claims the gang used a botnet, a network of infected computers controlled by a hacker, to identify weaknesses in websites that people visited.
Users typically do not know their machine is being manipulated by a botnet.
"The botnet conducted possibly the largest security audit ever," says Hold Security on its website, which says its spent seven months researching the alleged breach.
"Over 400,000 sites were identified to be potentially vulnerable to SQL injection flaws alone.
"The CyberVors used these vulnerabilities to steal data from these sites’ databases.
Read more: http://news.sky.com/story/1313779/russian-hackers-pull-off-biggest-data-theft