Data breach exposes 773M email addresses, 21M passwords
Data breaches just keep on coming and the most recent one has just exposed 737 million email addresses and 21 million passwords.
Troy Hunt, the security researcher behind the HaveIBeenPwned website, was the first one to report the breach called “Collection #1″.” The collection of files contains a total of 772,904,991 unique email addresses and 21,222,975 unique passwords, and have been circulating in the dark parts of the web like hacking forums.
According to Hunt’s post on his website, the collection of files is made up of many different individual data breaches allegedly from thousands of different sources. It was uploaded on cloud service MEGA (the files has since been removed from the service), containing over 12,000 separate files and more than 87GB of data. What’s very concerning is that a forum referenced the collection of databases as “dehashed” meaning the data were already decrypted and fully exposed.
KerbsOnSecurity.com, on the other hand, says that Collection #1 is 2 to 3 years old and is just a portion of a larger database which could amount to 4TB. Newer sets are claimed to be less then a year old.
Since the data is already out there, you might as well check if your account has been compromised. You can do it at HaveIBeenPwned.com. If your account has been “pwned”, the recommendation is to change your password into a more secure one and enable Two Factor Authentication.