Security researcher Troy Hunt has uncovered what is thought to be one of the biggest-ever troves of hacked email addresses and passwords. Now’s the time to check if yours is among more than half a billion accounts impacted in the breach.
A collection of some 770 million email addresses, as well as millions of passwords have been discovered in a massive data breach, web security researcher Troy Hunt posted online Thursday.
Following what appears to be the biggest breach of data since the infamous Yahoo leak in 2013, users of all email services are urged to immediately check if their password is among those stolen, using a security checker such as Have I Been Pwned.
Hunt, who himself set up the website Have I Been Pwned, revealed his discovery of the 772,904,991 email addresses alongside 21,222,975 passwords, which were dumped on the cloud service MEGA and being circulated by hackers online.
Hunt wrote the data is “made up of many different individual data breaches from literally thousands of different sources,” adding that this was the “single largest breach ever to be loaded into HIBP [Have I Been Pwned].”
Hunt has called the data “Collection #1.” In his web post, he explains in detail how he was informed of the breached data by a contact, who pointed him towards “a popular hacking forum,” where the data was being shared.
The web researcher also said that his own personal data was among the breached information, and urged people to check whether they too had been exposed via HIBP and via his other website, Pwned Passwords, where individuals can check whether their passwords have been compromised.
If the search on HIBP or on Pwned Passwords finds that the data has been compromised, the password should no longer be used and changed immediately, as this means that the information has been illegally accessed by hackers.
Hunt also urged people to use password managers, as “the only secure password is the one you can’t remember.”
According to Pwned Passwords, reusing passwords is a common practice because people don’t realise just how risky it can be to do so. – dpa