Researchers at security firm Webroot Software have discovered tens of thousands of stolen identities from more than 120 countries on an FTP server in the US.
It is believed that the identities were stolen by a Trojan horse virus installed on the users’ machines when they accessed a teen porn website.
The FBI is now investigating the stolen information, which includes names, phone numbers, social security numbers, and user log-ins and passwords for thousands of other websites accessed by the users.
The Trojan used in the collection of data took advantage of security vulnerabilities in users’ web browsers.
Webroot said the stolen data was stored on an FTP server hosted by nLayer Communications in New York, which had no knowledge of who was behind the scam.
As the stolen information had been categorised into the users’ different countries, it is thought that those behind the theft intended to sell the data on.