Cybersecurity expert Troy Hunt recently discovered the largest data leak in history. Dubbed as “Collection #1,” the data breach involved nearly 773 million email addresses and more than 21 million passwords. The massive database of compromised records came from different sites, so it’s entirely possible that a single record could have been compromised several times.
Hunt learned of the data breach when multiple people contacted him about a large collection of files stored in the popular file sharing website Mega. The collection comprised of over 12,000 files and more than 87GB of data. The database has since been deleted, but that didn’t stop people from sharing the files via a popular hacking forum.
Collection #1 is a set of email addresses and passwords totalling nearly 2.7 billion rows. After cleaning up after stripping away unusable data and passwords that were still hashed or encrypted, Hunt came up with these numbers: 772,904,991 unique email addresses and 21,222,975 unique passwords.
How to Know if Your Email or Password is Compromised
Hunt suggests checking your email at Have I Been Pwned, which was developed by Hunt himself. Have I Been Pwned checks if your account has been compromised in a data breach. You can also subscribe to email alerts to be notified when your email address is compromised in future data breaches.
As of now, all 21 million passwords in the Collection #1 data leak have been added to Have I Been Pwned, bringing the total number of records in its database to 550 million.
Hunt assures Have I Been Pwned users that their information are safe, due to the fact that email addresses are not stored next to passwords.
I tried using Have I Been Pwned, and true enough, my email address was involved in 10 data breaches. Information about the data breaches were also shown.
You can avoid your account being hacked by using a strong email and password combination. Experts suggest that you avoid using the same password on different websites. It’s also a good idea to use a password manager such as Lastpass or Dashlane to generate and securely store your passwords. These password managers can also inform you if your password is weak or has been involved in data breaches.