DetCord12B Posted January 17, 2019 Posted January 17, 2019 (edited) Quote 773 million email IDs, 21 million passwords for anyone to see in massive data dump. Nearly 773 million unique email addresses and more than 21.2 million unique, plain-text passwords were there for the taking recently in a massive data dump that’s been dubbed Collection #1. The news comes from security researcher Troy Hunt, who runs the Have I Been Pwned (HIBP) site that enables people to check and also receive alerts if any of their online accounts may have been the victim of a known breach. The stash of data was posted on file-sharing service MEGA and later also on an “unnamed popular hacking forum”, said Hunt. It comprises more than 12,000 files that weigh in at 87 gigabytes in total. “Collection #1 is a set of email addresses and passwords totaling 2,692,818,238 rows. It’s made up of many different individual data breaches from literally thousands of different sources,” wrote Hunt. This figure refers to raw data, before cleanup removed duplicate and junk bits. Also as part of the cleanup, 1,160,253,228 unique combinations of email addresses and passwords were ‘distilled’ into 772,904,991 unique email addresses; along with 21,222,975 unique passwords available in plain text. As a result, this tally doesn’t include passwords that were found still in their hashed form. Importantly, anyone who got their hands on the cache can easily test the plain-text passwords against actual accounts. Approximately 140 million email accounts and some 10.6 million passwords were not known from past breaches. https://www.welivesecurity.com/2019/01/17/21-million-passwords-massive-data-dump/ Check your status - https://haveibeenpwned.com/ Edited January 17, 2019 by DetCord12B 1
AndyJWest Posted January 17, 2019 Posted January 17, 2019 Um, no, I'm not going to check whether my online accounts have been breached by going to some random website. Too easy for said website to extract further useful information... 2
DetCord12B Posted January 17, 2019 Author Posted January 17, 2019 (edited) 1 hour ago, AndyJWest said: Um, no, I'm not going to check whether my online accounts have been breached by going to some random website. Too easy for said website to extract further useful information... It's not random. It's run by Troy Hunt who is the former regional security director for MS and someone who is considered to be a data breach expert. If you have any real concerns, check the FAQ provided. But the site is perfectly safe as it neither collects email addresses nor disseminates them. https://www.forbes.com/sites/kateoflahertyuk/2019/01/17/collection-1-breach-how-to-find-out-if-your-password-has-been-stolen/#50c3f0902a2e https://www.wired.com/story/collection-one-breach-email-accounts-passwords/ EDIT - Here are my results. Edited January 17, 2019 by DetCord12B 1
Chief_Mouser Posted January 18, 2019 Posted January 18, 2019 (edited) All five emails in this house are ok. So it can't be the porn sites that are sharing stuff... Edited January 18, 2019 by 216th_Cat 1
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now