(CBS) — Security experts are warning Americans to change their online passwords after a Russian group stole more than a billion passwords.

CBS 2’s Chris Martinez reports by all accounts, this breach is the biggest ever and it comes with a warning for all of us.

READ MORE: Jussie Smollett Trial: Lead Detective In Investigation Explains On Witness Stand How Smollett Went From Victim To Suspect

Josh Law, who runs a DJ company in Chicago, is always on guard for the latest hack.

“We are hearing about them more often,” Law said.

It’s why he’s again changing his passwords today after news of a sinister scheme. A Russian cyber gang, thought to be less than a dozen men, is behind the historic haul. They targeted 420,000 websites and stole 1.2 billion usernames and passwords. The group also snatched at least 500 million email addresses.

“In fact – it’s even bigger but this was after taking out many of the redundant ones,” said Governor State Professor Bill Kresse.

READ MORE: Bulls Surprise Kelly College Prep Girls' Basketball Team With Afternoon Tournament

It was a seven-month investigation by Milwaukee based Hold Security that revealed the big break in prompting a warning – from online experts.

They say in this case – every last one of us should assume – we’ve been hit.

“Change those passwords, use unique passwords for each different entity and develop a password that you can remember but is difficult to break,” Kresse said.

So far, the names of all those hacked websites have not been made public, though it’s thought a number of banks are included and social media sites.

Our expert says that’s why you should change all your passwords right away. He recommends making passwords different for each account and to make it complicated.

MORE NEWS: CVS Installs Time-Delay Safes At All Illinois Pharmacy Locations To Deter Would-Be Thieves

It is also recommended to change passwords every three months.