Millions of Gmail, Hotmail and Yahoo Mail login details 'stolen in major security breach'
Hundreds of millions of hacked usernames and passwords for email accounts and other websites are being traded in Russia's criminal underworld, according to a security expert.
Alex Holden, founder and chief information security officer of Hold Security, told Reuters the 272.3 million stolen accounts are linked to popular providers such as Google, Yahoo, Microsoft, and Russia's most popular email service Mail.ru.
It is not clear whether users' accounts have been breached, but Hold's analysis found that:
57 million credentials were for Mail.ru accounts
40 million were for Yahoo accounts
33 million were for Hotmail accounts
24 million were for Gmail accounts
Hold Security said it obtained the email addresses and unencrypted passwords from a young Russian hacker who initially asked for 50 roubles (52 pence) in exchange for the list.
The cyber criminal eventually gave away a copy without charge after Hold's staff posted positive comments about him on a forum.
Mr Holden has previously played a key role in uncovering some of the world's biggest data breaches, which affected tens of millions of users at Adobe Systems, JPMorgan and Target.
The latest discovery is one of the largest stashes of stolen credentials to be uncovered since major US banks and retailers were affected by cyber attacks two years ago.
After being informed of the potential breach, Mail.ru said in a statement: "We are now checking whether any combinations of usernames/passwords match users' e-mails and are still active. As soon as we have enough information we will warn the users who might have been affected."
A spokesman for Microsoft said: "Microsoft has security measures in place to detect account compromise and requires additional information to verify the account owner and help them regain sole access."
Google and Yahoo told the BBC that they are investigating the incident.