Thomson Reuters
- A massive collection of email address and passwords were leaked online in a data breach known as Collection #1.
- There's no single source, site, or company from where the data leaked - it's an aggregation of data that includes cracked passwords.
- You can check whether you've been affected on the website HaveIBeenPwned.com.
A massive database containing 772,904,991 unique email addresses and more than 21 million unique passwords were recently posted to an online hacking forum, according to Wired.
The hack was first reported by Troy Hunt of the hack security site Have I Been Pwned, which lets you check whether your email and passwords have been compromised and which sites your information was leaked from.
Transform talent with learning that worksCapability development is critical for businesses who want to push the envelope of innovation.Discover how business leaders are strategizing around building talent capabilities and empowering employee transformation.Know More The data collection as a whole, called "Collection #1," doesn't appear to originate from a certain source, but is rather an aggregation of 2,000 leaked databases that include passwords that have been cracked, according to Wired. That's to say the protective layer that scrambles, or "hashes," a password to prevent your original password from being visible has been cracked, and the passwords are presented in a usable form on hacking forums.
Data in Collection #1 wasn't put up for sale, like many data leaks are. It was first hosted on popular cloud hosting site Mega before being taken down, then posted on a public hacking site.
"Collection #1" is among the largest data breaches in history, second only to Yahoo's hack that affected as many as 3 billion users.
How to check if you've been affected
To check whether or not your data was affected, you can head over to HaveIBeenPwned.com and enter your email address. Once you hit enter, and if your data was affected, you can scroll down and see whether your data was included in the "Collection #1" leak.
Screenshot/Business Insider
From there, you can head over to the "Passwords" tab on the top of the Have I Been Pwned website and type in any passwords you can remember, especially those that you use across different sites. If it's been "seen," it's time to change the password on sites where you use it, and stop using that password altogether.
Screenshot/Business Insider
When you check if your email has been part of a hack before on the Have I Been Pwned site, you'll also likely see sites where you have accounts that have suffered a breach in the past. If you haven't already changed your password on those sites, you should go ahead and change those passwords.
And if you've been meaning to use a password manager like 1Password or LastPass, now is the time to sign up for one. Password managers make it easy to generate strong unique passwords for individual sites and accounts. Since the passwords generated by password managers are typically difficult to remember, password managers store your passwords so you can access them whenever you want to log in to a site.
Next Story
I spent $2,000 for 7 nights in a 179-square-foot room on one of the world's largest cruise ships. Take a look inside my cabin.
Saudi Arabia wants China to help fund its struggling $500 billion Neom megaproject. Investors may not be too excited.
Colon cancer rates are rising in young people. If you have two symptoms you should get a colonoscopy, a GI oncologist says.
Experts warn of rising temperatures in Bengaluru as Phase 2 of Lok Sabha elections draws near
Axis Bank posts net profit of ₹7,129 cr in March quarter
7 Best tourist places to visit in Rishikesh in 2024
From underdog to Bill Gates-sponsored superfood: Have millets finally managed to make a comeback?
7 Things to do on your next trip to Rishikesh
