It seems that data breaches are becoming more and more prevalent, as attacks on the likes of the USPS and Quora become commonplace. Troy Hunt, a security researcher who maintains Have I Been Pwned, has uncovered a massive collection data simply named “Collection #1”. This data treasure trove contains never-before-seen account details of 773 million unique email addresses on the internet. While it does not appear that the data comes from one specific source, it seems to be an amalgamation of a number of smaller breaches over the years. Roughly 82% of the data had been seen before, but that still leaves another 18% to worry about. You can check if your account has been affected in the breach by heading over to Have I Been Pwned and entering your email address.
What do I do if my account shows up as breached?
Well, there’s good news and bad news. For starters, “Collection #1” contains a huge amount of data, so the chance of anybody having abused your data is slim at the moment. Another thing worth noting is that of the 773 million unique email addresses, “only” 140 million haven’t been seen before. If you’ve been lax on security in the past, and you’ve shown up already in a breach, chances are your password is already floating around out there somewhere. Either way, your email address showing up with a password anywhere is bad, and you should change your password immediately if that is the case. Don’t just change it for the service you suspect was breached either, change the password everywhere.
The whopping 87GB of data first appeared on MEGA, a popular cloud-based storage service which superseded MegaUpload. Soon after, Hunt says that the data appeared on a “popular” hacking forum. It is unclear where exactly some of the 21 million unique passwords and 773 million unique emails come from, though we know the majority. In total, there are 1,160,253,228 unique combinations of password and email address, suggesting that some users may have been breached on multiple services. We strongly suggested checking to see if your data has been leaked, and if it has, we advise you to change your passwords on any potentially affected services.
If you’d like to read more about the data dump, you can check out the link below.
Source: Troy Hunt