1.2 billion web credentials hacked

This numbered was trimmed down to 1.2 billion unique Web credentials, after duplicate entries were removed.

The hacker was linked to the stolen logins through a Russian email address.

The FBI investigation followed last year's announcement by Hold Security that it had obtained information that a Russian hacker group it dubbed CyberVor had stolen the 1.2 billion credentials and more than 500 million email addresses.

The vendor's founder, Alex Holden, told the New York Times that the gang came from a small city in southern Russian Federation, and consisted of fewer than a dozen men in their early 20s, who had been ramping up their attack activity over the previous three years. For the finest of our information, they mainly dedicated to thieving credentials, sooner or later winding up while using the most significant cache connected with compromised personal data, totaling around 1.2 billion distinctive pieces associated with e-mails as well as security passwords, said American cyber security researchers.

Previously, "mr.grey" had advertised the credentials to Facebook and Twitter accounts for sale online. It says mr.grey also offered to provide hacked accounts for multiple social networking sites, including Facebook, Twitter and VK, which stands for the Russian site VKontakte.

Fourteen months later, Reuters reported this week that federal prosecutors used Hold Security's investigative work to narrow in on a hacker who may be involved: Upon scouring lists of domain names that authorities believed were being used to send spam, the FBI stumbled upon an email address pertaining to a "mistergrey", court documents seen by the newswire suggest.

U.S. police agencies did not comment on Grey. But Holden tells Reuters that mr.grey's message indicates that he either operated or had access to the database containing the more than 1.2 billion stolen records that he found.

The news piqued the interest of the FBI, which started an official investigation into the gang and eventually uncovered posts on an underground hacking forum linked to the breach.

An FBI spokeswoman declined to comment on the status of its investigation.