A Russian hacker gang nicknamed CyberVor stole 1.2 billion usernames and passwords according to a story, the biggest known collection of stolen internet information. The usernames and passwords were pulled from almost half a million websites according to Hold Security, the firm that first spotted the hack. The firm is working to contact all of the violated websites, though the firm’s founder Alex Holden says most of them are still vulnerable to further cyberattacks.

There is no indication yet of what the hackers plan to do with this information, and there is no real pattern in the websites they attacked. From Fortune 500 companies and small businesses, to international and U.S.-based firms, all forms of websites have been accessed.

Perhaps most frightening, according to Hold Security, is that the hackers targeted individuals. Once hackers found an individual to victimize, the group tracked down their internet history and targeted every website he or she logged into.

Hold Security recommends that internet users change their passwords to websites that hold sensitive information, such as bank account information and health records. They also recommend that you make these passwords different so in the future hackers will not have access to all your information through one account.