Technology
Nearly 22 million unique passwords leaked in ‘Collection #1’ data breach
It’s time to change your password again.
More than 87GB of passwords and email addresses have been leaked and distributed in a folder dubbed “Collection #1” by hackers in a significant data breach.
As detailed by security researcher Troy Hunt, the trove of nearly 22 million unique passwords and more than 772 million email addresses was hosted on cloud storage service MEGA.
The link to the dump was posted on a hacking forum, but has been since taken down from the service.
New breach: The “Collection #1” credential stuffing list began broadly circulating last week and contains 772,904,991 unique email addresses with plain text passwords (now in Pwned Passwords). 82% of addresses were already in @haveibeenpwned. Read more: https://t.co/BAa3rbgZo4
— Have I Been Pwned (@haveibeenpwned) January 16, 2019
Hunt explains the cache of emails and passwords were built up from numerous data breaches from allegedly thousands of sources, dating all the way back to 2008.
He came across the collection of files after he was alerted by “multiple people” last week, and discovered the breach even includes an email address and password he used years ago.
“Like many of you reading this, I’ve been in multiple data breaches before which have resulted in my email addresses and yes, my passwords, circulating in public,” he wrote.
“Fortunately, only passwords that are no longer in use, but I still feel the same sense of dismay that many people reading this will when I see them pop up again.”
Hunt has loaded the email addresses and passwords into his site, haveibeenpwned, which allows people to be notified when their email has been tangled in a breach, or check if a password has been exposed and is thus unsuitable for use.
After you’re done checking whether if your email address or password has been compromised, it’s worth looking into a password manager, or even an analog one like a notebook, where you can store difficult to remember passwords in.
“It might be contrary to traditional thinking, but writing unique passwords down in a book and keeping them inside your physically locked house is a damn sight better than reusing the same one all over the web,” he added.
-
Entertainment7 days ago
WordPress.org’s login page demands you pledge loyalty to pineapple pizza
-
Entertainment6 days ago
‘Mufasa: The Lion King’ review: Can Barry Jenkins break the Disney machine?
-
Entertainment6 days ago
OpenAI’s plan to make ChatGPT the ‘everything app’ has never been more clear
-
Entertainment5 days ago
‘The Last Showgirl’ review: Pamela Anderson leads a shattering ensemble as an aging burlesque entertainer
-
Entertainment6 days ago
How to watch NFL Christmas Gameday and Beyoncé halftime
-
Entertainment4 days ago
Polyamorous influencer breakups: What happens when hypervisible relationships end
-
Entertainment4 days ago
‘The Room Next Door’ review: Tilda Swinton and Julianne Moore are magnificent
-
Entertainment3 days ago
CES 2025 preview: What to expect