Alex Holden

From Wikipedia, the free encyclopedia
Born: November 5, 1974 (age 49)
Nationality: Ukrainian
Occupation: Computer security researcher
Years active: 2013–present
Known for: Uncovering 2014 Russian hacker password theft

Alex Holden (born November 5, 1974) is the owner of Hold Security, a computer security firm. As of 2015, the firm employs 16 people.[1]

Life

In 1979, when Holden was five years old, Holden's family was denied permission to emigrate to the United States from Soviet Ukraine; this may have resulted in persecution for attempting to leave. However, seven years later the Chernobyl nuclear disaster led to mass evacuations, allowing the family to flee to Moldova, moving next to Italy, and finally the United States. In Italy, at 14, he missed a year of school to work on a farm. Holden later attended, but did not graduate from, the University of Wisconsin–Milwaukee. At the age of 27, Holden became the chief information security officer of Robert W. Baird & Co., a Milwaukee-based financial-services company that manages more than a hundred billion dollars of assets. Hold Security came into existence in February 2013, when a small security company called Cyopsis split in two.[1]

Company Profile

Holden's firm, Hold Security, focuses on penetration testing and auditing for companies but also offers a unique service it calls Deep Web Monitoring. In this service, the firm's analysts look for clients' stolen login credentials, trade secrets, and any private employee or customer information that is circulating among hackers on the deep and dark web.[2]

Notable investigations

POS Vendor Breaches

In August 2016, Holden's firm discovered evidence of a breach of Oracle's MICROS POS, along with a number of other victims. The discovery detailed the indicators of compromise for MICROS and the other victims, and the data that could have been stolen from them.[3]

2016 Alleged Email Credentials Cache

In 2016, Holden claimed to have uncovered a major cache of 272 million unique email addresses along with the passwords to their webmail accounts.[4] Holden's news release was criticized when subsequent investigation by the webmail providers showed that almost none of the passwords were valid.[5][6]

97 Dating Websites Breached

During the summer of 2015, Russian hackers breached 97 websites, most of them dating sites. Ashley Madison, the most prominent of these sites, had sensitive company information, emails, internal documents, and details of 30 million users stolen in this breach. Holden's firm discovered the stolen information on a server the hackers were using.[7]

JP Morgan Breach

In the summer of 2014, JPMorgan Chase was attacked by a gang of Russian hackers who stole information compromising 76 million households and seven million small businesses. Holden and his firm were crucial in helping discover this intrusion, uncovering a billion passwords and usernames that the gang had stolen.[8]

2014 Russian Hackers

In 2014, Holden and his firm discovered that a group of Russian hackers possessed 542 million stolen email addresses with 1.2 billion email-and-password combinations, the largest cache of stolen credentials discovered to date.[1] Hold Security did not publicly name the victims, but at the request of The New York Times, an independent expert confirmed for the Times that the cache was authentic.[9]

CorporateCarOnline Breach

In November 2013, Holden's firm discovered that the limousine software-as-a-service company CorporateCarOnline had been hacked, exposing credit card and personal information of nearly 1 million customers. Some of these customers include politicians, star athletes, and corporate executives. However, there were no indications that any of the information the hackers stole was abused in any way afterwards.[10]

PR Newswire Breach

In October 2013, the same hackers that breached Adobe earlier that year did the same to PR Newswire. This group of hackers stole the usernames and encrypted passwords of the marketing and press release distribution service's customers. Holden and his firm were vital in the discovery of this breach and the analysis of the stolen data from PR Newswire.[11]

Adobe Systems Breach

Holden worked with cybersecurity journalist Brian Krebs to alert Adobe of the 2013 Adobe data breach, a theft of 2.9 million customer accounts and of the source code to some of Adobe's products.[12] Adobe Systems publicly acknowledged the breach, thanking Holden and Krebs for discovering the incident.[13]

Lexis Nexis, Dun & Bradstreet, HireRight/Kroll, and NW3C Breach

In 2013, popular data brokers like Lexis Nexis and the non-profit organization National White Collar Crime Center (NW3C) were found to have been compromised when the operations of the underground criminal identity theft service ssndob[dot]ms were discovered. Hackers compromised systems within Lexis Nexis, Dun & Bradstreet, HireRight/Kroll, and NW3C, stealing data and information. Holden and his firm were instrumental in discovering and analyzing the attack servers and breaches.[14]

Credibility Issues

There has been evidence to suggest that Alex Holden has inflated figures, combined breaches, and invented hacker groups in order to obtain press and speaking positions. This has been pointed out as early as the alleged 2014 breaches. He has at various times claimed to possess degrees that he did not possess, to have attended schools he did not attend, and to have been employed by employers who never contracted or employed him.[15][16][17]

References

  1. "Meet the Man Who Finds Your Stolen Passwords". Popular Mechanics. 4 February 2015. Retrieved 7 May 2016.
  2. Kirk, Jeremy. "Security company dives deep into the 'Dark Web' for stolen data". PC World.
  3. Fox-Brewster, Thomas. "Oracle MICROS Hackers Infiltrate Five More Cash Register Companies". Forbes.
  4. Yadron, Danny (4 May 2016). "Hacker collects 272m email addresses and passwords, some from Gmail". The Guardian. Retrieved 7 May 2016.
  5. "Passwords and emails don't match up in cache of 272 million logins". CNET. May 2016. Retrieved 7 May 2016.
  6. "Garbage in, garbage out: Why Ars ignored this week's massive password breach". Ars Technica. May 2016. Retrieved 7 May 2016.
  7. "Russian-speaking hackers breach 97 websites, many of them dating ones". PCWorld.
  8. Perlroth, Nicole. "Luck Played Role in Discovery of Data Breach at JPMorgan Affecting Millions". The New York Times.
  9. Perlroth, Nicole; Gelles, David (5 August 2014). "Russian Hackers Amass Over a Billion Internet Passwords". The New York Times. Retrieved 7 May 2016.
  10. "Milwaukee security firm finds breach in limo firm's software". JS Online.
  11. "Adobe hackers strike again: PR Newswire grovels to clients after latest hack'n'grab • The Register". Theregister.co.uk.
  12. Hustad, Karis (4 October 2013). "Hackers access Adobe's source code, plus 2.9 million customer accounts". The Christian Science Monitor. Retrieved 7 May 2016.
  13. "incident | Security @ Adobe". blogs.adobe.com. Adobe Systems.
  14. Krebs, Brian. "Data Broker Hackers Also Compromised NW3C — Krebs on Security". krebsonsecurity.com. Krebs On Security.
  15. Romell, Rick; Glauber, Bill (2014-08-06). "Internet data breach puts Milwaukee-area man in cyber spotlight". JS Online. Milwaukee Wisconsin Journal Sentinel. Archived from the original on 2014-08-11. Retrieved 2019-12-02.
  16. "The Lie Behind 1.2 BILLION Stolen Passwords". youarenotpayingattention.com. YouAreNotPayingAttention. 2014-08-08. Archived from the original on 2014-08-11. Retrieved 2019-12-02.
  17. Brewster, Thomas (2014-08-12). "The Man Who Found 1.2 Billion Stolen Passwords: Negative Publicity Harming My Business". Forbes.com.