Massive Data Breach Exposes 773 Million Emails, 21 Million Passwords
The newly discovered “Collection #1″ is the largest public data breach by volume, with 772,904,991 unique emails and 21,222,975 unique passwords exposed. A large file of 12,000 separate files and 87GB of data was uploaded to MEGA, a popular cloud service. The data was then posted to a popular hacking forum and appears to be an amalgamation of over 2,000 databases. The really scary thing is the databases contain “dehashed” passwords, which means the methods used to scramble those passwords into unreadable strings has been cracked, fully exposing the passwords.
This means compromised email and password combos are more vulnerable for a practice called credential stuffing. Basically, credential stuffing is when a breached username or email/password combo is used to hack into other user accounts. This could impact anyone who has used the same username and password combo across multiple sites. The Collection #1 breach contains almost 2.7 billion combos. Around 140 million emails and 10 million passwords from Collection #1 were new, meaning they’re not from previously reported mega-breaches.
Simple tip: don’t reuse passwords, enable two-factor authentication, and start using a password manager if you haven’t already. Taking these few simple steps can really help protect your credentials. If you feel you are compromised, contact 2W Tech today. There is often times a personal breach can also lead to a business security breach if you BYOD into the workplace or use the same credentials for work as you do for personal. 2W Tech is a full-service IT Consulting firm that specializes in Security Solutions. We use a software that can help you identify if your user credentials have been compromised on the Dark Web.