What happened
According to public breach records, the Rambler data breach of March 1, 2014, is reported to have exposed the personal information of 91,436,280 accounts.
In late 2016, a data dump of almost 100M accounts from Rambler, sometimes referred to as "The Russian Yahoo", was discovered being traded online. The data set provided to Have I Been Pwned included 91M unique usernames (which also form part of Rambler email addresses) and plain text passwords. According to Rambler, the data dates back to March 2014.
Passwords in this breach were reportedly stored in plaintext.
A database table from the Russian internet portal Rambler.ru containing roughly 91.4 million accounts surfaced online in late 2016, when the dump was discovered being traded and was cataloged by breach-tracking services. The exposed records included email addresses, usernames, and account passwords that had been stored in plain text rather than hashed, meaning the credentials were immediately usable without any cracking. The scale of the dump and the plaintext password storage made it one of the larger Russian-service exposures of that period.
What data was exposed
The following types of personal data were compromised:
- Email addresses
- Passwords
- Usernames
Breach details
| Detail | Value |
|---|---|
| Breach name | Rambler |
| Date | March 1, 2014 |
| Accounts affected | 91,436,280 |
| Domain | rambler.ru |
This summary is compiled from public breach-notification data and known leak databases. Figures reflect what those sources report and may be revised as more is learned. If something here looks wrong or you think your information is involved, contact our support team.
We report breaches as a factual record to help people check their exposure. Inclusion here is not an allegation of wrongdoing or negligence by Rambler; it reflects a publicly reported security incident.
What to do now
Based on the data exposed in this breach, here are the steps you should take:
- Change your Rambler password immediately, and change it anywhere else you reused the same or a similar password — plaintext passwords from this dump are directly usable in credential-stuffing attacks
- Enable two-factor authentication on Rambler and any account that shared the exposed password
- Adopt a password manager and set unique passwords per site so one leaked credential cannot unlock other accounts
- Be alert for phishing and spam targeting your exposed email address, and never reuse the leaked password again
Check your exposure
Data breaches are one of the ways your personal information ends up on data broker sites. Run a free scan to see which sites are exposing your personal data — and take action to remove it.