16 million email addresses and passwords in Germany exposed by malware attack

Hot on the heels of the massive credit card cyber attacks that affected U.S. retailers such as Target, Neiman Marcus and others in December, the German government has announced it found criminals used malware to get the email addresses and passwords of as many as 16 million of its citizens.

The German-based The Local reports that the the country's Federal Office for Online Security discovered the issue when it checked into the activities of a number of criminal botnets. The government did not reveal the specifics of its discovery, nor is there any word on which group or groups are responsible for the stolen email info.

The government has set up a website so that citizens can type in their email address to see if it is part of this cyber theft. However, the huge amount of traffic generated by concerned German residents has resulted in the site becoming inaccessible for much of today.

For victims of the attack, the German government sent advisories recommending citizens change their email addresses and passwords along with performing malware sweeps on their PC.

Source: The Local | Email image via Shutterstock

Report a problem with article
Previous Story

Intel's TV plans are dead; will sell off its Intel Media unit to Verizon

Next Story

More Windows 8.1 Spring update screenshots leak, highlights new pinning feature

14 Comments

Commenting is disabled on this article.

It is not only Germany, the overall rate of bots deploying dumpers of saved browser passwords has gone bonkers

I managed to get my hands on few dumping ftp servers and according to my humble calculations 100 000+ new computers dump their credentials every 24 hours

I don't know who in their right mind has not seen this type stuff coming for years, especially as more and more stupid people have gotten on the net!

I can think of more people than I know how to count, that slap anything and everything on Facebook, or anyplace they may happen to be where something comes up that requires delicate info.

People either really don't care or are actually that stupid! I just don't know which?

It's like just because it's their bank, or gas company or HSN, or something real familiar, they'll never get hacked just because they're well known.

Oh.mein.Gott! This where we Americans can now point the finger at Germany and do a Nelson on them? Instead of the other way around?

So you'd say 16 million email passwords are worse than the 70+ million stolen credit card details from Target alone?

Instead of pointing fingers at countries how about blaming careless and irresponsible companies irrespective of nationality?

Problem is you do not know if the Credit Card information was taken, what information was taken, how it was taken.

If it was credit card information, with PIN information, would that make Chip and PIN vulnerable?

Not enough information to really know what is going on, other than 16 million people in Germany have had some of their personal data stolen. As more gets let out, we will hear about it.

Clirion said,
Problem is you do not know if the Credit Card information was taken
There's no indication of credit card info being compromised here, so are you perhaps mixing up the American (credit card info) and German (email info) incidents?

Absolutely not. When reading the Article, all that is known is Something was compromised. I was responding to the person that said only email addresses were compromised. All we know is email information is out there, we do not know if that was all et all. The German government has not released that information yet.

My Point is, we do not know if Credit information was taken yet. All we know for sure is that email information is showing up. he German government is still going though their investigation.

Why cant governments and business say , lets update our security as everyone is being hacked instead of. We will NOT upgrade our security until we are hacked.

Money, pure and simple. Even after they are hacked and finally have to pay for the enhanced security they should have paid for in the first place, how many are fined, at all or even so much that it makes a difference?

I hate that they do not even announce where they got that from. Might be a password email combination that is just used once where I could not be bothered less