HACKERS are gaining ground worldwide in attempts to steal information from compromised Web sites, say security experts.

The San Francisco Chronicle reported that criminal attacks against major Web sites have grown so common that Internet users have no reliable way to know which sites are safe to visit, no matter how well known those destinations are.

News of the latest attack comes from Finjan, an Israeli security firm, which found last month a large cache of information - including confidential medical records, financial records and business e-mails - sitting unprotected on a computer network server in Malaysia.

The data came from more than 40 major financial companies around the world, the Chronicle reported.

It was stolen from computers belonging to doctors and home users conducting online banking
and, in some cases, from machines inside corporate networks that the hackers managed to penetrate and infect.

Included in the stolen information, reported the Chronicle, were medical diagnoses and insurance details, Social Security numbers, the recorded keyboard strokes of online shopping sessions and e-mails from businesses discussing an impending court case.

At any moment, thousands of sites are sitting on the Web hosting malicious software code designed to try to steal information, the paper said.

The stolen personal information would be sold to parties to conduct identity theft and sometimes extortion.

The numbers are staggering.

Last month, Yahoo detected 7.8 billion links served up by search engines that led to compromised sites. Some of the sites are well known - during the past few months, they've included MySpace and MSNBC.

» Also read: Most criminal attacks are invisible to computer users

For more my paper stories click here.