Russian social networking site VK.com appears to have been breached with hackers selling some 100 million records for a mere US$580 in Bitcoins.
The breach has been reported by LeakedSource which received portions of the breached database.
At least 100 million accounts are said to have had names, user logins, and phone numbers exposed in the cache. Some estimates put the number of hacked records at 170 million.
The validity of the credentials thought stolen in 2012 or 2013 has yet to be tested. But the numbers mentioned suggest the 17GB-plus cache lists the site's entire membership.
The original seller, an entity calling itself "Tessa88", is selling the database on darkweb marketplace The Real Deal.
The same handle was implicated in the recent dump of stolen MySpace credentials.
Stolen databases are constantly sold and given away on cybercrime forums. Many are fake and/or a patchwork of credentials from previously publicised breaches.
The stolen records help criminals to gain sufficient identification material to pass security checks and access accounts of individuals, while stolen passwords are useful in mounting more efficient and effective dictionary-based brute force attacks. ®