A Closer Look at Email Breaches

Posted on Sep 4, 2018

If you’re feeling like announcements of major network breaches and data hacks are starting to sound commonplace, you’re not wrong. The number of data breaches that occurred in first half of 2017 alone increased by 29 percent over 2016, hitting a record high of 791 in just six months.

In fact, five of the biggest data breaches in history have occurred within the last decade, led by the compromise of over 3 billion Yahoo accounts in 2013. Including every Yahoo account in existence at the time, users’ names, email addresses, passwords, and financial information were exposed as a part of the hack. We took a closer look at email breaches: 


Internationally some domain extensions may be more susceptible to attack than others. Beyond the most common generic top-level domains (including .com, .net, and .gov), many country coded top-level domains (ccTLD) were exposed in the email breach we analyzed.

Russian has spent a fair amount of time in the spotlight over email hacking allegations, but .ru email accounts were among the most common ccTLDs breached in this attack. In 2016, over 25 million Russian email accounts were stolen after a Mail.ru forum was hacked. Of those, nearly half were easily procured with readily available cracking tools as a result of easy to guess login credentials. The most common password? “123456789”. Beyond usernames and passwords, hackers we able to obtain birthdays and in some cases IP addresses (helping them determine locations as well) of those affected.

Including Russia, the UK (.uk), France (.fr), Germany (.de), and Italy (.it) had the highest number of affected emails in this breach of over 30 million accounts.

Avoiding Numerical Trends

Need to add numbers or symbols to username to get something that isn’t already taken? Sometimes adding the year of your birth feels like the easiest way to differentiate your email from something that may not be available. Of course, that could also give hackers a sneak peak into the numbers you’re more likely to use in your password too. Of the more than 30 million accounts and usernames compromised in this massive data breach, “2000” and “2010” were the most common.

If these numbers truly represent the birth year of the users in question, those born between 2000 and 2012 would have been the most susceptible. Hackers sometimes purposely target children in an attempt to procure their social security numbers for identity theft and because parents are less likely to be monitoring their information.

Using those number in your password can also create risks. Today, it’s not uncommon for websites to require users to include upper and lowercase letters in addition to at-least one numeric number. Because the software used in these attacks is also getting more sophisticated, many programs are trained to incorporate the most commonly used passwords and combinations into their attempts. Even by using multiple numbers in the form of a year, using some of the numbers listed above could be putting your information at risk.


Security Research in your Inbox

Thanks for siging up for the newsletter!

No waiting, 100% Free

Get your personalized scorecard today

Get your free scorecard and learn how you stack up across 10 risk categories. Answer a few simple questions and we'll instantly send your score to your business email.

Get Your Free Score

Get In Touch

Thank you for contacting us!

Request a Demo

Thank you for requesting a demo!