Mail.ru

In September 2014 a massive collection of account credentials surfaced on a Russian security forum. The data dump contained nearly 5 million email addresses and plain text passwords primarily targeting the Mail.ru domain. This incident was part of a series of large scale breaches involving major Russian email providers during the same period. The exposure was likely the result of long term phishing campaigns and credential stuffing attacks rather than a direct compromise of the provider infrastructure itself. Security researchers noted that many accounts were either old or had weak passwords at the time of the public disclosure.