Another Year, Another Breach — and this one is major…
It’s January 18, 2019 — not even a full month into a new year, and a major data breach has been reported, exposing a total of 2.7 billion different email and password combinations. The data set breached, deemed “Collection #1”, includes over 772 million email addresses, and 21 million passwords. This alone makes it the largest public data breach, to date.
Of the data that was breached, 140 million email addresses and 10 million passwords are new to the dark web. To find out if your data was breached, you may go to Have I Been Pwned, and enter your email address. If the email address has been breached, it will tell you when, and how.
Then, to make matters even worse — the passwords are exposed in basic text. Meaning, absolutely no decryption is needed to identify what the passwords are.
And the final cherry on top? This is allegedly only the first of six data sets the seller has available. Assuming the other five sets are of comparable size, the public will have a major problem on their hands.
Now for the good news, which isn’t exactly “good”, but could be considered a silver lining. This data set is approximately 2-3 years old, therefore, some of the data may not be entirely relevant.
Moving forward, users should check their email addresses at Have I Been Pwned to confirm their security. If breached, be sure to change the password immediately to something that meets the following requirements: 8+ characters, upper case and lower case letter, symbol, and number. Users should also never use the same login credentials for multiple accounts.
