Gigantic data breach exposes 773 million emails and 21 million passwords
Have you been pwned? Probably—there are data breaches all the time that reveal login details, but the latest is on a different level. A database featuring a whopping 773 million emails has popped up online, and they're paired with passwords. So, if you weren't pwned yesterday, there's a pretty good chance you are today.
News of the breach was broken by security researcher Troy Hunt, who runs the breach-tracking site Have I Been Pwned. According to Hunt, the stolen data appeared about a week ago on the cloud storage service Mega. The data (inside a folder called "Collection 1") totaled about 87GB across more than 12,000 files. Some of the data was a bit messy, but Hunt managed to process it to get a handle on the scale of the breach.
Collection 1 includes 772,904,991 different email addresses and 21,222,975 passwords. Those passwords are dehashed, so they're no longer unreadable junk. Using the leaked data, you can plug in the username and password to access these accounts. The data comes from over 2,000 different databases, but I don't recognize any of the affected sites from a cursory scan of Hunt's data sample. That doesn't mean you won't, though.
All the newly leaked credentials are in the Have I been Pwned database, so you can enter your email there to see if you need to start changing passwords. Remember: a leaked password is no longer secure, even if you're using it on a different site. You shouldn't be doing that anyway because reusing passwords is dangerous
Comments
Post a Comment